#define VC_IOCTL_IS_RAM_ENCRYPTION_ENABLED TC_IOCTL (42)

// Legacy IOCTLs used before version 5.0

#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968

#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948

BOOL HwEncryptionEnabled;

} GetSystemDriveDumpConfigRequest;

#pragma pack (pop)

#define DRIVER_STR WIDE

#define TC_DRIVER_CONFIG_REG_VALUE_NAME DRIVER_STR("VeraCryptConfig")

#define TC_ENCRYPTION_FREE_CPU_COUNT_REG_VALUE_NAME DRIVER_STR("VeraCryptEncryptionFreeCpuCount")

// WARNING: Modifying the following values can introduce incompatibility with previous versions.

#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD 0x1

#define TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES 0x2

#endif // !SETUP

EfiBootConf::EfiBootConf() : passwordType (0),

passwordMsg ("Password: "),

ULONG len;

NTSTATUS res;

WCHAR tempBuf[1024];

memset(tempBuf, 0, sizeof(tempBuf));

// Load NtQuerySystemInformation function point

if (!NtQuerySystemInformationPtr)

{

}

res = NtQuerySystemInformationPtr((SYSTEM_INFORMATION_CLASS)SYSPARTITIONINFORMATION, tempBuf, sizeof(tempBuf), &len);

#include "Exception.h"

#include "Platform/PlatformBase.h"

#include "Volumes.h"

typedef ULONG (WINAPI *RtlNtStatusToDosErrorFn)(

NTSTATUS Status

CAPTION "VeraCrypt"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

END

IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 74

#if !defined(_UEFI)

#include <string.h>

#ifndef TC_WINDOWS_BOOT

#include "EncryptionThreadPool.h"

#endif

#endif

return TRUE;

}

{

if (i = EAGetPreviousCipher(ea, i))

{

}

}

// Returns name of EA, cascaded cipher names are separated by hyphens

{

if (guiDisplay)

{

}

else

{

int i = EAGetLastCipher(ea);

while (i = EAGetPreviousCipher(ea, i))

{

}

}

return buf;

do

{

#if defined(_UEFI)

if (wcscmp(n, name) == 0)

#else

return pHash? pHash -> Name : L"";

}

{

Hash* pHash = HashGet(hashId);

if (pHash)

else

buf[0] = L'\0';

}

int EAGetCount (void);

int EAGetNext (int previousEA);

#ifndef TC_WINDOWS_BOOT

int EAGetByName (wchar_t *name);

#endif

int EAGetKeySize (int ea);

int HashGetIdByName (wchar_t *name);

#endif

Hash *HashGet (int id);

BOOL HashIsDeprecated (int hashId);

BOOL HashForSystemEncryption (int hashId);

int GetMaxPkcs5OutSize (void);

#include <WinTrust.h>

#include <strsafe.h>

#pragma comment( lib, "setupapi.lib" )

#ifndef TTI_INFO_LARGE

#ifndef SETUP

BOOL bLanguageSetInSetup = FALSE;

#endif

// Status of detection of hidden sectors (whole-system-drive encryption).

static WTHELPERGETPROVSIGNERFROMCHAIN WTHelperGetProvSignerFromChainFn = NULL;

static WTHELPERGETPROVCERTFROMCHAIN WTHelperGetProvCertFromChainFn = NULL;

static unsigned char gpbSha256CodeSignCertFingerprint[64] = {

};

L"Based on TrueCrypt 7.1a, freely available at http://www.truecrypt.org/ .\r\n\r\n"

L"Portions of this software:\r\n"

L"Copyright \xA9 2003-2012 TrueCrypt Developers Association. All Rights Reserved.\r\n"

L"Copyright \xA9 1998-2000 Paul Le Roux. All Rights Reserved.\r\n"

L"Copyright \xA9 1998-2008 Brian Gladman. All Rights Reserved.\r\n"

L"Copyright \xA9 2013-2019 Stephan Mueller <smueller@chronox.de>\r\n\r\n"

L"This software as a whole:\r\n"

L"An IDRIX Release");

SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL);

}

/*

* Use RtlGetVersion to get Windows version because GetVersionEx is affected by application manifestation.

*/

static BOOL GetWindowsVersion(LPOSVERSIONINFOW lpVersionInformation)

{

BOOL bRet = FALSE;

RtlGetVersionPtr RtlGetVersionFn = (RtlGetVersionPtr) GetProcAddress(GetModuleHandle (L"ntdll.dll"), "RtlGetVersion");

if (RtlGetVersionFn != NULL)

{

if (!bRet)

bRet = GetVersionExW (lpVersionInformation);

return bRet;

}

RemoteSession = GetSystemMetrics (SM_REMOTESESSION) != 0;

{

MessageBoxW (NULL, GetString ("UNSUPPORTED_OS"), lpszTitle, MB_ICONSTOP);

exit (1);

}

else

{

// Service pack check & warnings about critical MS issues

switch (nCurrentOS)

{

case WIN_XP:

if (CurrentOSServicePack < 1)

{

benchmarkTable[benchmarkTotalItems].decSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart;

benchmarkTable[benchmarkTotalItems].id = ci->ea;

benchmarkTable[benchmarkTotalItems].meanBytesPerSec = ((unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart)) + (unsigned __int64) (benchmarkBufferSize / ((float) benchmarkTable[benchmarkTotalItems].decSpeed / benchmarkPerformanceFrequency.QuadPart))) / 2;

benchmarkTotalItems++;

}

for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))

{

if (EAGetCipherCount (ea) == 1 && EAIsFormatEnabled (ea))

}

ResetCipherTest(hwndDlg, idTestCipher);

>= (major << 16 | minor << 8 | reqMinServicePack));

}

BOOL Is64BitOs()

{

USHORT processMachine, nativeMachine;

if (fnIsWow64Process2(GetCurrentProcess(), &processMachine, &nativeMachine))

{

isARM = TRUE;

else

isARM = FALSE;

#endif

static BOOL InitializeWintrust()

{

if (!hWinTrustLib)

BOOL VerifyModuleSignature (const wchar_t* path)

{

BOOL bResult = FALSE;

HRESULT hResult;

GUID gActionID = WINTRUST_ACTION_GENERIC_VERIFY_V2;

WINTRUST_DATA WVTData = {0};

wchar_t filePath [TC_MAX_PATH + 1024];

// Strip quotation marks (if any)

if (path [0] == L'"')

{

BYTE hashVal[64];

sha512 (hashVal, pProviderCert->pCert->pbCertEncoded, pProviderCert->pCert->cbCertEncoded);

{

bResult = TRUE;

}

return bResult;

}

#include "Apidrvr.h"

#include "Keyfiles.h"

#include "Wipe.h"

#ifdef __cplusplus

extern "C" {

BL_Status_Protected

} BitLockerEncryptionStatus;

#define DEFAULT_VOL_CREATION_WIZARD_MODE WIZARD_MODE_FILE_CONTAINER

void DebugMsgBox (char *format, ...);

BOOL IsOSAtLeast (OSVersionEnum reqMinOS);

BOOL IsOSVersionAtLeast (OSVersionEnum reqMinOS, int reqMinServicePack);

BOOL Is64BitOs ();

BOOL IsARM();

BOOL IsServerOS ();

BOOL EnableProcessProtection();

void SafeOpenURL (LPCWSTR szUrl);

BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter);

#ifdef _WIN64

void GetAppRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed);

#endif

};

BOOL GetHibernateStatus (BOOL& bHibernateEnabled, BOOL& bHiberbootEnabled);

#endif // __cplusplus

char *Salt;

} KeyDerivation;

};

} EncryptionThreadPoolWorkItem;

TC_SET_EVENT (WorkItemCompletedEvent);

continue;

default:

TC_THROW_FATAL_EXCEPTION;

}

TC_RELEASE_MUTEX (&EnqueueMutex);

}

void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo)

{

workItem->Encryption.UnitCount = unitsPerFragment;

workItem->Encryption.StartUnitNo.Value = fragmentStartUnitNo;

fragmentStartUnitNo += unitsPerFragment;

if (remainder > 0 && --remainder == 0)

{

EncryptDataUnitsWork,

DecryptDataUnitsWork,

} EncryptionThreadPoolWorkType;

#ifndef DEVICE_DRIVER

#endif

void EncryptionThreadPoolBeginKeyDerivation (TC_EVENT *completionEvent, TC_EVENT *noOutstandingWorkItemEvent, LONG *completionFlag, LONG *outstandingWorkItemCount, int pkcs5Prf, char *password, int passwordLength, char *salt, int iterationCount, char *derivedKey);

void EncryptionThreadPoolDoWork (EncryptionThreadPoolWorkType type, byte *data, const UINT64_STRUCT *startUnitNo, uint32 unitCount, PCRYPTO_INFO cryptoInfo);

BOOL EncryptionThreadPoolStart (size_t encryptionFreeCpuCount);

void EncryptionThreadPoolStop ();

XmlGetAttributeText (xml, "prog-version", attr, sizeof (attr));

// Check version of external language file

{

wchar_t m[2048];

StringCbPrintfW (m, sizeof(m), L"The installed language pack is incompatible with this version of VeraCrypt (the language pack is for VeraCrypt %hs). A newer version may be available at www.idrix.fr.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\VeraCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\VeraCrypt', etc.)", attr);

<entry lang="en" key="IDC_DEVICE_TRANSFORM_MODE_INPLACE">Encrypt partition in place</entry>

<entry lang="en" key="IDC_DISPLAY_KEYS">Display generated keys (their portions)</entry>

<entry lang="en" key="IDC_DISPLAY_POOL_CONTENTS">Display pool content</entry>

<entry lang="en" key="IDC_FILE_CONTAINER">Create an encrypted file container</entry>

<entry lang="en" key="IDC_GB">&amp;GiB</entry>

<entry lang="en" key="IDC_TB">&amp;TiB</entry>

<entry lang="en" key="OVERWRITEPROMPT_DEVICE_HIDDEN_OS_PARTITION">CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%s'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format?</entry>

<entry lang="en" key="OVERWRITEPROMPT_DEVICE_SECOND_WARNING_LOTS_OF_DATA">WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)!</entry>

<entry lang="en" key="ERASE_FILES_BY_CREATING_VOLUME">Erase any files stored on the partition by creating a VeraCrypt volume within it</entry>

<entry lang="en" key="PIM">PIM</entry>

<entry lang="en" key="IDD_PCDM_CHANGE_PKCS5_PRF">Set Header Key Derivation Algorithm</entry>

<entry lang="en" key="IDD_PCDM_ADD_REMOVE_VOL_KEYFILES">Add/Remove Keyfiles to/from Volume</entry>

<entry lang="en" key="HEADER_RESTORE_INTERNAL">Restore the volume header from the backup embedded in the volume</entry>

<entry lang="en" key="HEADER_RESTORE_EXTERNAL">Restore the volume header from an external backup file</entry>

<entry lang="en" key="HEADER_BACKUP_SIZE_INCORRECT">The size of the volume header backup file is incorrect.</entry>

<entry lang="en" key="BACKUP_HEADER_NOT_FOR_SYS_DEVICE">You are attempting to back up the header of the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk?</entry>

<entry lang="en" key="RESTORE_HEADER_NOT_FOR_SYS_DEVICE">You are attempting to restore the header of a virtual VeraCrypt volume but you selected the system partition/drive. This is not allowed. Backup/restore operations pertaining to the system partition/drive can be performed only using the VeraCrypt Rescue Disk.\n\nDo you want to create a VeraCrypt Rescue Disk?</entry>

<entry lang="en" key="RESCUE_DISK_NON_WIZARD_CREATION_SELECT_PATH">After you click OK, you will select a filename for the new VeraCrypt Rescue Disk image and the location where you wish to place it.</entry>

<entry lang="en" key="PIM_REQUIRE_LONG_PASSWORD">Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater.</entry>

<entry lang="en" key="BOOT_PIM_REQUIRE_LONG_PASSWORD">Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater.</entry>

<entry lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</entry>

<entry lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</entry>

<entry lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</entry>

<entry lang="en" key="ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION">It is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down.</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_CONNECTED_NOW">A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk.</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO">Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file).</entry>

<entry lang="en" key="RESCUE_DISK_RECORDING_TITLE">Rescue Disk Recording</entry>

<entry lang="en" key="RESCUE_DISK_CREATED_TITLE">Rescue Disk Created</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_TITLE">System Encryption Test</entry>

<entry lang="en" key="RESCUE_DISK_DISK_VERIFIED_TITLE">Rescue Disk Verified</entry>

<entry lang="en" key="RESCUE_DISK_VERIFIED_INFO">\nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue.</entry>

<entry lang="en" key="REMOVE_RESCUE_DISK_FROM_DRIVE">WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK.</entry>

<entry lang="en" key="PREBOOT_NOT_LOCALIZED">Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue?</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_1">IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_2">What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3">- If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_RESULT_TITLE">Pretest Successfully Completed</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_RESULT_INFO">If the encryption is interrupted you can resume it restarting VeraCrypt and selecting 'System' > 'Resume Interrupted Process'\n\nPlease make sure, that your device does not run out of power during the encryption process.</entry>

<entry lang="en" key="SYSENC_ENCRYPTION_PAGE_INFO">Make sure that your device does not run out of power.\nIf the encryption is interrupted you can resume it restarting VeraCrypt and selecting 'System' > 'Resume Interrupted Process'.</entry>

<entry lang="en" key="NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted.</entry>

<entry lang="en" key="NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted.</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE">Hidden System Started</entry>

<entry lang="en" key="LINUX_CROSS_SUPPORT_OTHER_HELP">Choose this option if you need to use the volume on other platforms.</entry>

<entry lang="en" key="LINUX_CROSS_SUPPORT_ONLY">I will mount the volume only on {0}</entry>

<entry lang="en" key="LINUX_CROSS_SUPPORT_ONLY_HELP">Choose this option if you do not need to use the volume on other platforms.</entry>

<entry lang="en" key="LINUX_DESELECT">Deselect</entry>

<entry lang="en" key="LINUX_ADMIN_PW_QUERY">Enter your user password or administrator password:</entry>

<entry lang="en" key="LINUX_ADMIN_PW_QUERY_TITLE">Administrator privileges required</entry>

<entry lang="en" key="ENTER_PASSWORD">Enter password</entry>

<entry lang="en" key="ENTER_TC_VOL_PASSWORD">Enter VeraCrypt Volume Password</entry>

<entry lang="en" key="MOUNT">Mount</entry>

<entry lang="en" key="NO_VOLUMES_MOUNTED">No volumes mounted.</entry>

<entry lang="en" key="OPEN_NEW_VOLUME">Specify a New VeraCrypt Volume</entry>

<entry lang="en" key="PARAMETER_INCORRECT">Parameter incorrect</entry>

<entry lang="en" key="UNKNOWN_OPTION">Unknown option</entry>

<entry lang="en" key="VOLUME_LOCATION">Volume Location</entry>

<entry lang="en" key="VOLUME_HOST_IN_USE">WARNING: The host file/device {0} is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device should be closed before mounting the volume.\n\nContinue mounting?</entry>

<entry lang="en" key="RESCUE_DISK_CHECKLIST_A">Store your password in a safe location. You can not recover your data without your password.\nThat is why VeraCrypt is considered to be secure.</entry>

<entry lang="en" key="RESCUE_DISK_CHECKLIST_B">Make sure that the rescue file is stored on an external medium. This could be a flash drive, an external hard drive or even a cloud storage.\nYour rescue file is located here:</entry>

<entry lang="en" key="RESCUE_DISK_CHECKLIST_C">Before you start encrypting your system, it is always a good idea to backup your personal data on an external drive for the unlikely case that the encryption process fails.</entry>

#include "Random.h"

#include <io.h>

#ifndef SRC_POS

#define SRC_POS (__FUNCTION__ ":" TC_TO_STRING(__LINE__))

if (bDevice == FALSE)

{

}

else

{

#define TC_APP_NAME "VeraCrypt"

// Version displayed to user

#ifdef VC_EFI_CUSTOM_MODE

#define VERSION_STRING_SUFFIX "-CustomEFI"

#else

#define VERSION_STRING_SUFFIX ""

#endif

// Version number to compare against driver

// Release date

#define BYTES_PER_KB 1024LL

#define BYTES_PER_MB 1048576LL

typedef CHAR16 wchar_t;

typedef int LONG;

#define wcslen StrLen

#define wcscmp StrCmp

#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))

#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))

#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)

#define strcmp AsciiStrCmp

#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))

#define strncpy(strDest,strSource,count) AsciiStrnCpyS(strDest,MAX_STRING_SIZE,strSource,(UINTN)count)

#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))

#define strstr AsciiStrStr

if (!EAIsModeSupported (ci->ea, ci->mode))

continue;

if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS)

return FALSE;

if (!EAIsModeSupported (ci->ea, ci->mode))

continue;

if (EAInit (ci->ea, key1, ci->ks) != ERR_SUCCESS)

return FALSE;

int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)

{

char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];

PCRYPTO_INFO cryptoInfo;

CRYPTOPP_ALIGN_DATA(16) char dk[MASTER_KEYDATA_SIZE];

int enqPkcs5Prf, pkcs5_prf;

int primaryKeyOffset;

int pkcs5PrfCount = LAST_PRF_ID - FIRST_PRF_ID + 1;

#if !defined(_UEFI)

KeyDerivationWorkItem *keyDerivationWorkItems = NULL;

KeyDerivationWorkItem *item;

size_t encryptionThreadCount = GetEncryptionThreadCount();

int i;

#endif

size_t queuedWorkItems = 0;

// if no PIM specified, use default value

if (pim < 0)

pim = 0;

/* use thread pool only if no PRF was specified */

if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))

{

if (!keyDerivationWorkItems)

return ERR_OUTOFMEMORY;

for (i = 0; i < pkcs5PrfCount; ++i)

keyDerivationWorkItems[i].Free = TRUE;

#ifdef DEVICE_DRIVER

#else

{

TCfree (keyDerivationWorkItems);

return ERR_OUTOFMEMORY;

}

{

CloseHandle (keyDerivationCompletedEvent);

TCfree (keyDerivationWorkItems);

return ERR_OUTOFMEMORY;

}

#endif

}

#if !defined(DEVICE_DRIVER)

VirtualLock (&dk, sizeof (dk));

VirtualLock (&header, sizeof (header));

#endif

#endif // !defined(_UEFI)

// PKCS5 is used to derive the primary header key(s) and secondary header key(s) (XTS mode) from the password

// Test all available PKCS5 PRFs

for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)

item->KeyReady = FALSE;

item->Pkcs5Prf = enqPkcs5Prf;

++queuedWorkItems;

break;

if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)

{

pkcs5_prf = item->Pkcs5Prf;

memcpy (dk, item->DerivedKey, sizeof (dk));

item->Free = TRUE;

}

if (queuedWorkItems > 0)

}

continue;

KeyReady: ;

#endif // !defined(_UEFI)

{

pkcs5_prf = enqPkcs5Prf;

switch (pkcs5_prf)

{

case RIPEMD160:

break;

case SHA512:

break;

case WHIRLPOOL:

break;

case SHA256:

break;

case STREEBOG:

break;

default:

// Unknown/wrong ID

if (retInfo == NULL)

{

cryptoInfo->pkcs5 = pkcs5_prf;

cryptoInfo->bTrueCryptMode = truecryptMode;

cryptoInfo->volumePim = pim;

goto ret;

}

// Master key data

#ifdef TC_WINDOWS_DRIVER

{

RMD160_CTX ctx;

RMD160Init (&ctx);

RMD160Update (&ctx, header, sizeof(header));

RMD160Final (cryptoInfo->master_keydata_hash, &ctx);

burn(&ctx, sizeof (ctx));

}

#else

#endif

// PKCS #5

cryptoInfo->pkcs5 = pkcs5_prf;

cryptoInfo->bTrueCryptMode = truecryptMode;

cryptoInfo->volumePim = pim;

// Init the cipher with the decrypted master key

if (status == ERR_CIPHER_INIT_FAILURE)

goto err;

#ifndef TC_WINDOWS_DRIVER

// The secondary master key (if cascade, multiple concatenated)

#endif

{

status = ERR_MODE_INIT_FAILED;

goto err;

*retInfo = NULL;

}

burn (dk, sizeof(dk));

burn (header, sizeof(header));

#if !defined(DEVICE_DRIVER) && !defined(_UEFI)

VirtualUnlock (&dk, sizeof (dk));

VirtualUnlock (&header, sizeof (header));

#endif

#if !defined(_UEFI)

if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))

{

}

#endif

return status;

}

#if !defined(_UEFI)

#include <windows.h>

#include <stdio.h>

#else

#include "Tcdefs.h"

#pragma warning( disable : 4706 ) // assignment within conditional expression

case '&':

if (textDst + 6 > textDstLast)

return NULL;

textDst += 5;

continue;

case '>':

if (textDst + 5 > textDstLast)

return NULL;

textDst += 4;

continue;

case '<':

if (textDst + 5 > textDstLast)

return NULL;

textDst += 4;

continue;

default:

*textDst++ = c;

}

}

case L'&':

if (textDst + 6 > textDstLast)

return NULL;

textDst += 5;

continue;

case L'>':

if (textDst + 5 > textDstLast)

return NULL;

textDst += 4;

continue;

case L'<':

if (textDst + 5 > textDstLast)

return NULL;

textDst += 4;

continue;

default:

*textDst++ = c;

}

}