and are governed by the Apache License 2.0 the full text of which is

contained in the file License.txt included in VeraCrypt binary and source

code distribution packages.

*/

#include "TCdefs.h"

#include <ntddk.h>

#include <ntddvol.h>

#include <Ntstrsafe.h>

#include "Cache.h"

#include "Crc.h"

#include "Crypto.h"

#include "Apidrvr.h"

#include "EncryptedIoQueue.h"

#include "Common/Endian.h"

#include "Ntdriver.h"

#include "Ntvol.h"

#include "Volumes.h"

#include "VolumeFilter.h"

#include "Wipe.h"

#include "DriveFilter.h"

#include "Boot/Windows/BootCommon.h"

#include "cpu.h"

#include "rdrand.h"

#include "chachaRng.h"

static BOOL DeviceFilterActive = FALSE;

BOOL BootArgsValid = FALSE;

BootArguments BootArgs;

uint32 BootSecRegionSize = 0;

uint32 BootPkcs5 = 0;

static uint64 BootLoaderArgsPtr;

static BOOL BootDriveSignatureValid = FALSE;

static KMUTEX MountMutex;

static volatile BOOL BootDriveFound = FALSE;

static DriveFilterExtension *BootDriveFilterExtension = NULL;

static LARGE_INTEGER BootDriveLength;

static BOOL CrashDumpEnabled = FALSE;

static BOOL HibernationEnabled = FALSE;

static BOOL LegacyHibernationDriverFilterActive = FALSE;

static MDL *HibernationWriteBufferMdl = NULL;

static uint32 HibernationPreventionCount = 0;

static BootEncryptionSetupRequest SetupRequest;

static volatile BOOL SetupInProgress = FALSE;

PKTHREAD EncryptionSetupThread = NULL;

static volatile BOOL EncryptionSetupThreadAbortRequested;

static KSPIN_LOCK SetupStatusSpinLock;

static int64 SetupStatusEncryptedAreaEnd;

static BOOL TransformWaitingForIdle;

static NTSTATUS SetupResult;

static WipeDecoySystemRequest WipeDecoyRequest;

static volatile BOOL DecoySystemWipeInProgress = FALSE;

static volatile BOOL DecoySystemWipeThreadAbortRequested;

static KSPIN_LOCK DecoySystemWipeStatusSpinLock;

static int64 DecoySystemWipedAreaEnd;

PKTHREAD DecoySystemWipeThread = NULL;

static NTSTATUS DecoySystemWipeResult;

static uint64 BootArgsRegionsDefault[] = { EFI_BOOTARGS_REGIONS_DEFAULT };

static uint64 BootArgsRegionsEFI[] = { EFI_BOOTARGS_REGIONS_EFI };

NTSTATUS LoadBootArguments (BOOL bIsEfi)

{

NTSTATUS status = STATUS_UNSUCCESSFUL;

PHYSICAL_ADDRESS bootArgsAddr;

uint16 bootLoaderArgsIndex;

uint64* BootArgsRegionsPtr = bIsEfi? BootArgsRegionsEFI : BootArgsRegionsDefault;

size_t BootArgsRegionsCount = bIsEfi? sizeof(BootArgsRegionsEFI)/ sizeof(BootArgsRegionsEFI[0]) : sizeof(BootArgsRegionsDefault)/ sizeof(BootArgsRegionsDefault[0]);

KeInitializeMutex (&MountMutex, 0);

// __debugbreak();

for (bootLoaderArgsIndex = 0;

bootLoaderArgsIndex < BootArgsRegionsCount && status != STATUS_SUCCESS;

++bootLoaderArgsIndex)

{

bootArgsAddr.QuadPart = BootArgsRegionsPtr[bootLoaderArgsIndex] + TC_BOOT_LOADER_ARGS_OFFSET;

Dump ("Checking BootArguments at 0x%x\n", bootArgsAddr.LowPart);

mappedBootArgs = MmMapIoSpace (bootArgsAddr, sizeof (BootArguments), MmCached);

if (!mappedBootArgs)

return STATUS_INSUFFICIENT_RESOURCES;

if (TC_IS_BOOT_ARGUMENTS_SIGNATURE (mappedBootArgs))

{

BootArguments *bootArguments = (BootArguments *) mappedBootArgs;

Dump ("BootArguments found at 0x%x\n", bootArgsAddr.LowPart);

DumpMem (mappedBootArgs, sizeof (BootArguments));

if (bootArguments->BootLoaderVersion == VERSION_NUM

{

Dump ("BootArguments CRC incorrect\n");

burn (mappedBootArgs, sizeof (BootArguments));

MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));

mappedBootArgs = NULL;

TC_BUG_CHECK (STATUS_CRC_ERROR);

}

// Sanity check: for valid boot argument, the password is less than 64 bytes long

if (bootArguments->BootPassword.Length <= MAX_LEGACY_PASSWORD)

{

BootLoaderArgsPtr = BootArgsRegionsPtr[bootLoaderArgsIndex];

BootArgs = *bootArguments;

BootArgsValid = TRUE;

burn (bootArguments, sizeof (*bootArguments));

BootDriveSignatureValid = TRUE;

Dump ("BootLoaderVersion = %x\n", (int) BootArgs.BootLoaderVersion);

Dump ("HeaderSaltCrc32 = %x\n", (int) BootArgs.HeaderSaltCrc32);

Dump ("CryptoInfoOffset = %x\n", (int) BootArgs.CryptoInfoOffset);

Dump ("CryptoInfoLength = %d\n", (int) BootArgs.CryptoInfoLength);

Dump ("HiddenSystemPartitionStart = %I64u\n", BootArgs.HiddenSystemPartitionStart);

Dump ("DecoySystemPartitionStart = %I64u\n", BootArgs.DecoySystemPartitionStart);

Dump ("Flags = %x\n", BootArgs.Flags);

Dump ("BootDriveSignature = %x\n", BootArgs.BootDriveSignature);

Dump ("BootArgumentsCrc32 = %x\n", BootArgs.BootArgumentsCrc32);

// clear fingerprint

burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));

MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));

mappedBootArgs = NULL;

// Extra parameters? (pkcs5, hash)

if (BootArgs.CryptoInfoLength > 0)

{

PHYSICAL_ADDRESS cryptoInfoAddress;

cryptoInfoAddress.QuadPart = BootLoaderArgsPtr + BootArgs.CryptoInfoOffset;

Dump ("CryptoInfo memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);

mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);

if (mappedCryptoInfo)

{

/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */

BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;

BootPkcs5 = pBootCryptoInfo->pkcs5; // save hash to speed up boot.

BootSecRegionData = NULL;

BootSecRegionSize = 0;

// SecRegion data?

if(BootArgs.CryptoInfoLength > (sizeof(BOOT_CRYPTO_HEADER) + sizeof(SECREGION_BOOT_PARAMS)) ) {

uint32 crc;

PHYSICAL_ADDRESS SecRegionAddress;

SECREGION_BOOT_PARAMS* SecRegionParams = (SECREGION_BOOT_PARAMS*) (mappedCryptoInfo + sizeof(BOOT_CRYPTO_HEADER) + 2);

SecRegionAddress.QuadPart = SecRegionParams->Ptr;

Dump ("SecRegion memory 0x%x %d\n", SecRegionAddress.LowPart, SecRegionParams->Size);

// SecRegion correct?

if( (SecRegionParams->Ptr != 0) && (SecRegionParams->Size > 0)) {

if(crc == SecRegionParams->Crc) {

Dump ("SecRegion crc ok\n");

secRegionData = MmMapIoSpace (SecRegionAddress, SecRegionParams->Size, MmCached);

if(secRegionData) {

BootSecRegionData = TCalloc (SecRegionParams->Size);

if(BootSecRegionData != NULL) {

BootSecRegionSize = SecRegionParams->Size;

memcpy(BootSecRegionData, secRegionData, SecRegionParams->Size);

}

burn (secRegionData, SecRegionParams->Size);

MmUnmapIoSpace (secRegionData, SecRegionParams->Size);

}

}

}

}

// Erase boot loader scheduled keys

burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);

MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);

BootArgs.CryptoInfoLength = 0;

}

else

{

BootArgs.CryptoInfoLength = 0;

}

}

status = STATUS_SUCCESS;

}

else

{

Dump ("BootArguments contains a password larger than maximum limit\n");

Extension->DriveMounted = FALSE;

Dump ("Drive dismount done!\n");

}

static void InvalidateVolumeKeys (EXTENSION *Extension)

{

Dump ("Invalidating volume encryption keys\n");

Extension->Queue.ThreadBlockReadWrite = TRUE;

crypto_eraseKeys ((PCRYPTO_INFO) Extension->Queue.CryptoInfo);

crypto_eraseKeys ((PCRYPTO_INFO) Extension->cryptoInfo);

Dump ("Volume encryption keys invalidated!\n");

}

static void InvalidateDriveFilterKeys (DriveFilterExtension *Extension)

{

Dump ("Invalidating drive filter encryption keys\n");

ASSERT (Extension->DriveMounted);

Extension->Queue.ThreadBlockReadWrite = TRUE;

crypto_eraseKeys ((PCRYPTO_INFO) Extension->Queue.CryptoInfo);

crypto_eraseKeys ((PCRYPTO_INFO) Extension->HeaderCryptoInfo);

Dump ("Drive filter encryption keys invalidated!\n");

}

{

NTSTATUS status;

LARGE_INTEGER offset;

WHIRLPOOL_CTX whirlpool;

sha512_ctx sha2;

ULONG bytesToRead, remainingBytes, bootloaderTotalSize = TC_BOOT_LOADER_AREA_SIZE - TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE;

// clear fingerprint

burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));

// compute Whirlpool+SHA512 fingerprint of bootloader including MBR

// we skip user configuration fields:

// TC_BOOT_SECTOR_PIM_VALUE_OFFSET = 400

// TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET = 402

// => TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE = 4

// TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = 406

// => TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH = 24

// TC_BOOT_SECTOR_USER_CONFIG_OFFSET = 438

//

// we have: TC_BOOT_SECTOR_USER_MESSAGE_OFFSET = TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_SIZE

WHIRLPOOL_init (&whirlpool);

sha512_begin (&sha2);

// read the first 512 bytes

offset.QuadPart = 0;

status = TCReadDevice (LowerDeviceObject, ioBuffer, offset, TC_SECTOR_SIZE_BIOS);

if (NT_SUCCESS (status))

{

NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;

if (NT_SUCCESS (saveStatus))

#ifdef _WIN64

KeRestoreExtendedProcessorStateVC(&SaveState);

#else

KeRestoreFloatingPointState (&floatingPointState);

#endif

}

else

{

Dump ("TCReadDevice error %x during ComputeBootLoaderFingerprint call\n", status);

}

}

static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, uint32 *headerSaltCrc32)

{

BOOL hiddenVolume = (BootArgs.HiddenSystemPartitionStart != 0);

int64 hiddenHeaderOffset = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET;

NTSTATUS status;

LARGE_INTEGER offset;

char *header;

int pkcs5_prf = 0, pim = 0;

PARTITION_INFORMATION_EX pi;

BOOL bIsGPT = FALSE;

Dump ("MountDrive pdo=%p\n", Extension->Pdo);

ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);

// Check disk MBR id and GPT ID if BootSecRegion is available to detect boot drive

if (BootSecRegionData != NULL && BootSecRegionSize >= 1024) {

DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);

offset.QuadPart = 0;

status = TCReadDevice (Extension->LowerDeviceObject, mbr, offset, TC_SECTOR_SIZE_BIOS);

if (NT_SUCCESS (status) && DeList->DE[DE_IDX_DISKID].DiskId.MbrID != *(uint32 *) (mbr + 0x1b8))

return STATUS_UNSUCCESSFUL;

offset.QuadPart = 512;

status = TCReadDevice (Extension->LowerDeviceObject, mbr, offset, TC_SECTOR_SIZE_BIOS);

if (NT_SUCCESS (status) && memcmp(&DeList->DE[DE_IDX_DISKID].DiskId.GptID, mbr + 0x38, sizeof(DCS_GUID)) != 0)

return STATUS_UNSUCCESSFUL;

header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

if (!header)

return STATUS_INSUFFICIENT_RESOURCES;

// Copy header from SecRegion instead of read from disk

memcpy(header, BootSecRegionData, 512);

// Set SecRegion data for the disk (sectors to substitute to hide GPT table)

Extension->Queue.SecRegionData = BootSecRegionData;

Extension->Queue.SecRegionSize = BootSecRegionSize;

} else {

// Check boot drive signature first (header CRC search could fail if a user restored the header to a non-boot drive)

if (BootDriveSignatureValid)

{

offset.QuadPart = 0;

status = TCReadDevice (Extension->LowerDeviceObject, mbr, offset, TC_SECTOR_SIZE_BIOS);

if (NT_SUCCESS (status) && BootArgs.BootDriveSignature != *(uint32 *) (mbr + 0x1b8))

return STATUS_UNSUCCESSFUL;

}

header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

if (!header)

return STATUS_INSUFFICIENT_RESOURCES;

offset.QuadPart = hiddenVolume ? hiddenHeaderOffset : TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET;

Dump ("Reading volume header at %I64u\n", offset.QuadPart);

status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

if (!NT_SUCCESS (status))

{

Dump ("TCReadDevice error %x\n", status);

goto ret;

}

Extension->Queue.SecRegionData = NULL;

Extension->Queue.SecRegionSize = 0;

}

if (headerSaltCrc32)

{

uint32 saltCrc = GetCrc32 (header, PKCS5_SALT_SIZE);

if (saltCrc != *headerSaltCrc32)

goto ret;

}

Extension->VolumeHeaderSaltCrc32 = saltCrc;

}

Extension->HeaderCryptoInfo = crypto_open();

if (!Extension->HeaderCryptoInfo)

{

status = STATUS_INSUFFICIENT_RESOURCES;

goto ret;

}

if (NT_SUCCESS(SendDeviceIoControlRequest (Extension->LowerDeviceObject, IOCTL_DISK_GET_PARTITION_INFO_EX, NULL, 0, &pi, sizeof (pi))))

{

bIsGPT = (pi.PartitionStyle == PARTITION_STYLE_GPT)? TRUE : FALSE;

}

if (BootPkcs5 > 0)

{

/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */

Hash* pHash = HashGet(BootPkcs5);

if (pHash && (bIsGPT || pHash->SystemEncryption))

pkcs5_prf = BootPkcs5;

}

pim = (int) (BootArgs.Flags >> 16);

if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)

{

status = STATUS_SUCCESS;

Dump ("Header decrypted\n");

// calculate Fingerprint

ComputeBootLoaderFingerprint (Extension->LowerDeviceObject, header);

if (Extension->Queue.CryptoInfo->hiddenVolume)

{

int64 hiddenPartitionOffset = BootArgs.HiddenSystemPartitionStart;

Dump ("Hidden volume start offset = %I64d\n", Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + hiddenPartitionOffset);

Extension->HiddenSystem = TRUE;

Extension->Queue.RemapEncryptedArea = TRUE;

Extension->Queue.RemappedAreaOffset = hiddenPartitionOffset + Extension->Queue.CryptoInfo->EncryptedAreaStart.Value - BootArgs.DecoySystemPartitionStart;

Extension->Queue.RemappedAreaDataUnitOffset = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value / ENCRYPTION_DATA_UNIT_SIZE - BootArgs.DecoySystemPartitionStart / ENCRYPTION_DATA_UNIT_SIZE;

Extension->Queue.CryptoInfo->EncryptedAreaStart.Value = BootArgs.DecoySystemPartitionStart;

if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart)

{

// we have already erased boot loader scheduled keys

TC_THROW_FATAL_EXCEPTION;

}

Dump ("RemappedAreaOffset = %I64d\n", Extension->Queue.RemappedAreaOffset);

Dump ("RemappedAreaDataUnitOffset = %I64d\n", Extension->Queue.RemappedAreaDataUnitOffset);

}

else

{

Extension->HiddenSystem = FALSE;

Extension->Queue.RemapEncryptedArea = FALSE;

}

Extension->ConfiguredEncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value;

Extension->ConfiguredEncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->VolumeSize.Value - 1;

Extension->Queue.EncryptedAreaStart = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value;

Extension->Queue.EncryptedAreaEnd = Extension->Queue.CryptoInfo->EncryptedAreaStart.Value + Extension->Queue.CryptoInfo->EncryptedAreaLength.Value - 1;

if (Extension->Queue.CryptoInfo->EncryptedAreaLength.Value == 0)

{

Extension->Queue.EncryptedAreaStart = -1;

Extension->Queue.EncryptedAreaEnd = -1;

}

Dump ("Loaded: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd);

Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);

// at this stage, we have already erased boot loader scheduled keys

BootDriveFilterExtension = Extension;

BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;

BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER;

// Try to load password cached if saved in SecRegion

if (BootSecRegionData != NULL && BootSecRegionSize > 1024) {

DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);

uint32 crc;

uint32 crcSaved;

crcSaved = DeList->CRC32;

DeList->CRC32 = 0;

if(crc == crcSaved){

if(DeList->DE[DE_IDX_PWDCACHE].Type == DE_PwdCache) {

uint64 sector = 0;

DCS_DEP_PWD_CACHE* pwdCache = (DCS_DEP_PWD_CACHE*)(BootSecRegionData + DeList->DE[DE_IDX_PWDCACHE].Sectors.Offset);

DecryptDataUnits((unsigned char*)pwdCache, (UINT64_STRUCT*)&sector, 1, Extension->Queue.CryptoInfo);

crcSaved = pwdCache->CRC;

pwdCache->CRC = 0;

crc = GetCrc32((unsigned char*)pwdCache, 512);

if(crcSaved == crc && pwdCache->Count < CACHE_SIZE){

uint32 i;

for(i = 0; i<pwdCache->Count; ++i){

if (CacheBootPassword && pwdCache->Pwd[i].Length > 0) {

int cachedPim = CacheBootPim? (int) (pwdCache->Pim[i]) : 0;

AddLegacyPasswordToCache (&pwdCache->Pwd[i], cachedPim);

}

}

burn(pwdCache, sizeof(*pwdCache));

}

}

}

}

if (CacheBootPassword && BootArgs.BootPassword.Length > 0)

{

int cachedPim = CacheBootPim? pim : 0;

AddLegacyPasswordToCache (&BootArgs.BootPassword, cachedPim);

}

burn (&BootArgs.BootPassword, sizeof (BootArgs.BootPassword));

}

else if (!LegacyHibernationDriverFilterActive)

StartLegacyHibernationDriverFilter();

// Hidden system hibernation is not supported if an extra boot partition is present as the system is not allowed to update the boot partition

if (IsHiddenSystemRunning() && (BootArgs.Flags & TC_BOOT_ARGS_FLAG_EXTRA_BOOT_PARTITION))

{

CrashDumpEnabled = FALSE;

HibernationEnabled = FALSE;

}

}

else

{

Dump ("Header not decrypted\n");

crypto_close (Extension->HeaderCryptoInfo);

Extension->HeaderCryptoInfo = NULL;

status = STATUS_UNSUCCESSFUL;

}

ret:

TCfree (header);

return status;

}

static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension)

{

NTSTATUS status = STATUS_SUCCESS;

LARGE_INTEGER offset;

header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

if (!header)

return STATUS_INSUFFICIENT_RESOURCES;

offset.QuadPart = TC_BOOT_VOLUME_HEADER_SECTOR_OFFSET;

status = TCReadDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

if (!NT_SUCCESS (status))

{

Dump ("TCReadDevice error %x", status);

goto ret;

}

Dump ("Saving: ConfiguredEncryptedAreaStart=%I64d (%I64d) ConfiguredEncryptedAreaEnd=%I64d (%I64d)\n", Extension->ConfiguredEncryptedAreaStart / 1024 / 1024, Extension->ConfiguredEncryptedAreaStart, Extension->ConfiguredEncryptedAreaEnd / 1024 / 1024, Extension->ConfiguredEncryptedAreaEnd);

Dump ("Saving: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);

if (Extension->Queue.EncryptedAreaStart == -1 || Extension->Queue.EncryptedAreaEnd == -1

|| Extension->Queue.EncryptedAreaEnd <= Extension->Queue.EncryptedAreaStart)

{

if (SetupRequest.SetupMode == SetupDecryption)

{

memset (header, 0, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);

Extension->VolumeHeaderPresent = FALSE;

}

}

else

{

uint32 headerCrc32;

uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart;

PCRYPTO_INFO pCryptoInfo = Extension->HeaderCryptoInfo;

#ifdef _WIN64

CRYPTO_INFO tmpCI;

if (IsRamEncryptionEnabled())

{

memcpy (&tmpCI, pCryptoInfo, sizeof (CRYPTO_INFO));

VcUnprotectKeys (&tmpCI, VcGetEncryptionID (pCryptoInfo));

pCryptoInfo = &tmpCI;

}

#endif

DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo);

if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)

{

Dump ("Header not decrypted");

status = STATUS_UNKNOWN_REVISION;

goto ret;

}

mputInt64 (fieldPos, encryptedAreaLength);

headerCrc32 = GetCrc32 (header + TC_HEADER_OFFSET_MAGIC, TC_HEADER_OFFSET_HEADER_CRC - TC_HEADER_OFFSET_MAGIC);

fieldPos = header + TC_HEADER_OFFSET_HEADER_CRC;

mputLong (fieldPos, headerCrc32);

EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo);

#ifdef _WIN64

if (IsRamEncryptionEnabled())

{

BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5;

BootDriveFilterExtension->Queue.CryptoInfo->noIterations = BootDriveFilterExtension->HeaderCryptoInfo->noIterations;

BootDriveFilterExtension->Queue.CryptoInfo->volumePim = BootDriveFilterExtension->HeaderCryptoInfo->volumePim;

irp->IoStatus.Status = STATUS_SUCCESS;

}

else

{

crypto_close (BootDriveFilterExtension->HeaderCryptoInfo);

BootDriveFilterExtension->HeaderCryptoInfo = NULL;

Dump ("Header not reopened\n");

irp->IoStatus.Status = STATUS_INVALID_PARAMETER;

}

ret:

TCfree (header);

wipe:

burn (request, sizeof (*request));

}

// Legacy Windows XP/2003 hibernation dump filter

typedef NTSTATUS (*HiberDriverWriteFunctionA) (ULONG arg0, PLARGE_INTEGER writeOffset, PMDL dataMdl, PVOID arg3);

typedef NTSTATUS (*HiberDriverWriteFunctionB) (PLARGE_INTEGER writeOffset, PMDL dataMdl);

typedef struct

{

#ifdef _WIN64

HiberDriverWriteFunctionB WriteFunctionB;

#else

HiberDriverWriteFunctionB WriteFunctionB;

#endif

HiberDriverWriteFunctionA WriteFunctionA;

LARGE_INTEGER PartitionStartOffset;

} HiberDriverContext;

typedef NTSTATUS (*HiberDriverEntry) (PVOID arg0, HiberDriverContext *hiberDriverContext);

typedef struct

{

LIST_ENTRY ModuleList;

#ifdef _WIN64

#else

#endif

PVOID ModuleBaseAddress;

HiberDriverEntry ModuleEntryAddress;

#ifdef _WIN64

#else

#endif

UNICODE_STRING ModuleName;

} ModuleTableItem;

#define TC_MAX_HIBER_FILTER_COUNT 3

static int LastHiberFilterNumber = 0;

static HiberDriverEntry OriginalHiberDriverEntries[TC_MAX_HIBER_FILTER_COUNT];

static HiberDriverWriteFunctionA OriginalHiberDriverWriteFunctionsA[TC_MAX_HIBER_FILTER_COUNT];

static HiberDriverWriteFunctionB OriginalHiberDriverWriteFunctionsB[TC_MAX_HIBER_FILTER_COUNT];

static LARGE_INTEGER HiberPartitionOffset;

static NTSTATUS HiberDriverWriteFunctionFilter (int filterNumber, PLARGE_INTEGER writeOffset, PMDL dataMdl, BOOL writeB, ULONG arg0WriteA, PVOID arg3WriteA)

{

MDL *encryptedDataMdl = dataMdl;

if (writeOffset && dataMdl && BootDriveFilterExtension && BootDriveFilterExtension->DriveMounted)

{

ULONG dataLength = MmGetMdlByteCount (dataMdl);

if (dataMdl->MappedSystemVa && dataLength > 0)

{

uint64 offset = HiberPartitionOffset.QuadPart + writeOffset->QuadPart;

uint64 intersectStart;

uint32 intersectLength;

if (dataLength > TC_HIBERNATION_WRITE_BUFFER_SIZE)

err:

LegacyHibernationDriverFilterActive = FALSE;

CrashDumpEnabled = FALSE;

HibernationEnabled = FALSE;

if (HibernationWriteBufferMdl)

{

IoFreeMdl (HibernationWriteBufferMdl);

HibernationWriteBufferMdl = NULL;

}

if (HibernationWriteBuffer)

{

MmFreeContiguousMemory (HibernationWriteBuffer);

HibernationWriteBuffer = NULL;

}

}

static VOID SetupThreadProc (PVOID threadArg)

{

DriveFilterExtension *Extension = BootDriveFilterExtension;

LARGE_INTEGER offset;

UINT64_STRUCT dataUnit;

ULONG setupBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE;

BOOL headerUpdateRequired = FALSE;

int64 bytesWrittenSinceHeaderUpdate = 0;

KIRQL irql;

NTSTATUS status;

// generate real random values for wipeRandChars and

// wipeRandCharsUpdate instead of relying on uninitialized stack memory

ChaCha20RngCtx rngCtx;

GetDriverRandomSeed (pbSeed, sizeof (pbSeed));

ChaCha20RngInit (&rngCtx, pbSeed, GetDriverRandomSeed, 0);

ChaCha20RngGetBytes (&rngCtx, wipeRandChars, TC_WIPE_RAND_CHAR_COUNT);

ChaCha20RngGetBytes (&rngCtx, wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT);

burn (&rngCtx, sizeof (rngCtx));

FAST_ERASE64 (pbSeed, sizeof (pbSeed));

SetupResult = STATUS_UNSUCCESSFUL;

// Make sure volume header can be updated

if (Extension->HeaderCryptoInfo == NULL)

{

SetupResult = STATUS_INVALID_PARAMETER;

goto ret;

}

buffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);

if (!buffer)

{

SetupResult = STATUS_INSUFFICIENT_RESOURCES;

goto ret;

}

if (SetupRequest.SetupMode == SetupEncryption && SetupRequest.WipeAlgorithm != TC_WIPE_NONE)

{

wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);

if (!wipeBuffer)

goto err;

}

}

else if (SetupRequest.DiscardUnreadableEncryptedSectors && SetupRequest.SetupMode == SetupDecryption)

{

// Discard unreadable encrypted sectors

uint64 badSectorCount;

status = ReadDeviceSkipUnreadableSectors (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize, &badSectorCount);

if (!NT_SUCCESS (status))

{

SetupResult = status;

goto err;

}

}

else

{

SetupResult = status;

goto err;

}

}

dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE;

if (SetupRequest.SetupMode == SetupEncryption)

{

EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);

if (SetupRequest.WipeAlgorithm != TC_WIPE_NONE)

{

int wipePassCount = GetWipePassCount (SetupRequest.WipeAlgorithm);

if (wipePassCount <= 0)

{

SetupResult = STATUS_INVALID_PARAMETER;

goto err;

}

for (wipePass = 1; wipePass <= wipePassCount; ++wipePass)

{

if (!WipeBuffer (SetupRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, setupBlockSize))

{

ULONG i;

for (i = 0; i < setupBlockSize; ++i)

{

wipeBuffer[i] = buffer[i] + wipePass;

}

EncryptDataUnits (wipeBuffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);

memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate));

}

status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, setupBlockSize);

if (!NT_SUCCESS (status))

{

// Undo failed write operation

DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);

TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize);

SetupResult = status;

goto err;

if (ValidateIOBufferSize (irp, sizeof (BootEncryptionStatus), ValidateOutput))

{

DriveFilterExtension *Extension = BootDriveFilterExtension;

BootEncryptionStatus *bootEncStatus = (BootEncryptionStatus *) irp->AssociatedIrp.SystemBuffer;

memset (bootEncStatus, 0, sizeof (*bootEncStatus));

if (BootArgsValid)

bootEncStatus->BootLoaderVersion = BootArgs.BootLoaderVersion;

bootEncStatus->DeviceFilterActive = DeviceFilterActive;

bootEncStatus->SetupInProgress = SetupInProgress;

bootEncStatus->SetupMode = SetupRequest.SetupMode;

bootEncStatus->TransformWaitingForIdle = TransformWaitingForIdle;

if (!BootDriveFound || !Extension || !Extension->DriveMounted)

{

bootEncStatus->DriveEncrypted = FALSE;

bootEncStatus->DriveMounted = FALSE;

bootEncStatus->VolumeHeaderPresent = FALSE;

}

else

{

bootEncStatus->DriveMounted = Extension->DriveMounted;

bootEncStatus->VolumeHeaderPresent = Extension->VolumeHeaderPresent;

bootEncStatus->DriveEncrypted = Extension->Queue.EncryptedAreaStart != -1;

bootEncStatus->BootDriveLength = BootDriveLength;

bootEncStatus->ConfiguredEncryptedAreaStart = Extension->ConfiguredEncryptedAreaStart;

bootEncStatus->ConfiguredEncryptedAreaEnd = Extension->ConfiguredEncryptedAreaEnd;

bootEncStatus->EncryptedAreaStart = Extension->Queue.EncryptedAreaStart;

if (SetupInProgress)

{

KIRQL irql;

KeAcquireSpinLock (&SetupStatusSpinLock, &irql);

bootEncStatus->EncryptedAreaEnd = SetupStatusEncryptedAreaEnd;

KeReleaseSpinLock (&SetupStatusSpinLock, irql);

}

else

bootEncStatus->EncryptedAreaEnd = Extension->Queue.EncryptedAreaEnd;

bootEncStatus->VolumeHeaderSaltCrc32 = Extension->VolumeHeaderSaltCrc32;

bootEncStatus->HibernationPreventionCount = HibernationPreventionCount;

bootEncStatus->HiddenSysLeakProtectionCount = HiddenSysLeakProtectionCount;

bootEncStatus->HiddenSystem = Extension->HiddenSystem;

if (Extension->HiddenSystem)

bootEncStatus->HiddenSystemPartitionStart = BootArgs.HiddenSystemPartitionStart;

}

irp->IoStatus.Information = sizeof (BootEncryptionStatus);

irp->IoStatus.Status = STATUS_SUCCESS;

}

}

void GetBootLoaderVersion (PIRP irp, PIO_STACK_LOCATION irpSp)

{

if (ValidateIOBufferSize (irp, sizeof (uint16), ValidateOutput))

return BootDriveFilterExtension->Queue.CryptoInfo;

}

NTSTATUS AbortBootEncryptionSetup ()

{

if (!IoIsSystemThread (PsGetCurrentThread()) && !UserCanAccessDriveDevice())

return STATUS_ACCESS_DENIED;

if (EncryptionSetupThread)

{

EncryptionSetupThreadAbortRequested = TRUE;

TCStopThread (EncryptionSetupThread, NULL);

EncryptionSetupThread = NULL;

}

return STATUS_SUCCESS;

}

static VOID DecoySystemWipeThreadProc (PVOID threadArg)

{

DriveFilterExtension *Extension = BootDriveFilterExtension;

LARGE_INTEGER offset;

UINT64_STRUCT dataUnit;

ULONG wipeBlockSize = TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE;

CRYPTO_INFO *wipeCryptoInfo = NULL;

int wipePass, wipePassCount;

int ea = Extension->Queue.CryptoInfo->ea;

KIRQL irql;

NTSTATUS status;

DecoySystemWipeResult = STATUS_UNSUCCESSFUL;

wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);

if (!wipeBuffer)

{

DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES;

goto ret;

}

wipeRandBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);

if (!wipeRandBuffer)

{

DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES;

goto ret;

}

wipeCryptoInfo = crypto_open();

if (!wipeCryptoInfo)

{

DecoySystemWipeResult = STATUS_INSUFFICIENT_RESOURCES;

goto ret;

}

wipeCryptoInfo->ea = ea;

// Microsoft Visual C++ generated resource script.

//

#include "resource.h"

#define APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////

//

// Generated from the TEXTINCLUDE 2 resource.

//

#include "afxres.h"

/////////////////////////////////////////////////////////////////////////////

#undef APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////

// English (U.S.) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)

#ifdef _WIN32

LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US

#pragma code_page(1252)

#endif //_WIN32

/////////////////////////////////////////////////////////////////////////////

//

// Version

//

VS_VERSION_INFO VERSIONINFO

FILEFLAGSMASK 0x17L

#ifdef _DEBUG

FILEFLAGS 0x1L

#else

FILEFLAGS 0x0L

#endif

FILEOS 0x4L

FILETYPE 0x3L

FILESUBTYPE 0x0L

BEGIN

BLOCK "StringFileInfo"

BEGIN

BLOCK "040904b0"

BEGIN

VALUE "CompanyName", "IDRIX"

VALUE "FileDescription", "VeraCrypt Driver"

VALUE "LegalTrademarks", "VeraCrypt"

VALUE "OriginalFilename", "veracrypt.sys"

VALUE "ProductName", "VeraCrypt"

END

END

BLOCK "VarFileInfo"

BEGIN

VALUE "Translation", 0x409, 1200

END

END

#ifdef APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// TEXTINCLUDE

//

1 TEXTINCLUDE

BEGIN

"resource.h\0"

END

2 TEXTINCLUDE

BEGIN

"#include ""afxres.h""\r\n"

"\0"

END

3 TEXTINCLUDE

BEGIN

"\r\n"

"\0"

/*

Derived from source code of TrueCrypt 7.1a, which is

Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed

by the TrueCrypt License 3.0.

Modifications and additions to the original source code (contained in this file)

and all other portions of this file are Copyright (c) 2013-2017 IDRIX

and are governed by the Apache License 2.0 the full text of which is

contained in the file License.txt included in VeraCrypt binary and source

code distribution packages.

*/

#include "DumpFilter.h"

#include "DriveFilter.h"

#include "Ntdriver.h"

#include "Tests.h"

#include "cpu.h"

static DriveFilterExtension *BootDriveFilterExtension = NULL;

static LARGE_INTEGER DumpPartitionOffset;

static SIZE_T WriteFilterBufferSize;

NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZATION_DATA filterInitData)

{

GetSystemDriveDumpConfigRequest dumpConfig;

PHYSICAL_ADDRESS highestAcceptableWriteBufferAddr;

STORAGE_DEVICE_NUMBER storageDeviceNumber;

PARTITION_INFORMATION partitionInfo;

LONG version;

NTSTATUS status;

Dump ("DumpFilterEntry type=%d\n", filterExtension->DumpType);

filterInitData->MajorVersion = DUMP_FILTER_MAJOR_VERSION;

filterInitData->MinorVersion = DUMP_FILTER_MINOR_VERSION;

filterInitData->Flags |= DUMP_FILTER_CRITICAL;

// Check driver version of the main device

status = TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version));

if (!NT_SUCCESS (status))

goto err;

if (version != VERSION_NUM)

{

status = STATUS_INVALID_PARAMETER;

goto err;

}

// Get dump configuration from the main device

IoReleaseRemoveLock (&item->Queue->RemoveLock, item->OriginalIrp);

if (NT_SUCCESS (item->Status))

{

if (item->Write)

item->Queue->TotalBytesWritten += item->OriginalLength;

else

item->Queue->TotalBytesRead += item->OriginalLength;

}

if (freeItem)

ReleasePoolBuffer (item->Queue, item);

}

static NTSTATUS CompleteOriginalIrp (EncryptedIoQueueItem *item, NTSTATUS status, ULONG_PTR information)

{

#ifdef TC_TRACE_IO_QUEUE

Dump ("< %I64d [%I64d] %c status=%x info=%I64d\n", item->OriginalIrpOffset, GetElapsedTime (&item->Queue->LastPerformanceCounter), item->Write ? 'W' : 'R', status, (int64) information);

#endif

TCCompleteDiskIrp (item->OriginalIrp, status, information);

item->Status = status;

OnItemCompleted (item, TRUE);

return status;

}

{

NTSTATUS status = STATUS_INVALID_PARAMETER;

if (buffer == queue->FragmentBufferA)

{

status = KeWaitForSingleObject (&queue->FragmentBufferAFreeEvent, Executive, KernelMode, FALSE, NULL);

}

else if (buffer == queue->FragmentBufferB)

{

status = KeWaitForSingleObject (&queue->FragmentBufferBFreeEvent, Executive, KernelMode, FALSE, NULL);

}

if (!NT_SUCCESS (status))

TC_BUG_CHECK (status);

}

{

if (buffer == queue->FragmentBufferA)

{

KeSetEvent (&queue->FragmentBufferAFreeEvent, IO_DISK_INCREMENT, FALSE);

}

else if (buffer == queue->FragmentBufferB)

{

KeSetEvent (&queue->FragmentBufferBFreeEvent, IO_DISK_INCREMENT, FALSE);

}

else

{

TC_BUG_CHECK (STATUS_INVALID_PARAMETER);

}

}

BOOL

UpdateBuffer(

uint64 bufferDiskOffset,

uint32 bufferLength,

BOOL doUpadte

)

{

uint64 intersectStart;

uint32 intersectLength;

uint32 i;

DCS_DISK_ENTRY_LIST *DeList = (DCS_DISK_ENTRY_LIST*)(secRegion + 512);

BOOL updated = FALSE;

if (secRegion == NULL) return FALSE;

for (i = 0; i < DeList->Count; ++i) {

if (DeList->DE[i].Type == DE_Sectors) {

GetIntersection(

bufferDiskOffset, bufferLength,

DeList->DE[i].Sectors.Start, DeList->DE[i].Sectors.Start + DeList->DE[i].Sectors.Length - 1,

&intersectStart, &intersectLength

);

if (intersectLength != 0) {

updated = TRUE;

if(doUpadte && buffer != NULL) {

// Dump("Subst data\n");

memcpy(

buffer + (intersectStart - bufferDiskOffset),

secRegion + DeList->DE[i].Sectors.Offset + (intersectStart - DeList->DE[i].Sectors.Start),

intersectLength

);

} else {

return TRUE;

while (!queue->ThreadExitRequested)

{

if (!NT_SUCCESS (KeWaitForSingleObject (&queue->IoThreadQueueNotEmptyEvent, Executive, KernelMode, FALSE, NULL)))

continue;

if (queue->ThreadExitRequested)

break;

while ((listEntry = ExInterlockedRemoveHeadList (&queue->IoThreadQueue, &queue->IoThreadQueueLock)))

{

InterlockedDecrement (&queue->IoThreadPendingRequestCount);

request = CONTAINING_RECORD (listEntry, EncryptedIoRequest, ListEntry);

#ifdef TC_TRACE_IO_QUEUE

Dump ("%c %I64d [%I64d] roff=%I64d rlen=%d\n", request->Item->Write ? 'W' : 'R', request->Item->OriginalIrpOffset.QuadPart, GetElapsedTime (&queue->LastPerformanceCounter), request->Offset.QuadPart, request->Length);

#endif

// Perform IO request if no preceding request of the item failed

if (NT_SUCCESS (request->Item->Status))

{

if (queue->ThreadBlockReadWrite)

request->Item->Status = STATUS_DEVICE_BUSY;

else if (queue->IsFilterDevice)

{

if (queue->RemapEncryptedArea && request->EncryptedLength > 0)

{

if (request->EncryptedLength != request->Length)

{

// Up to three subfragments may be required to handle a partially remapped fragment

int subFragment;

for (subFragment = 0 ; subFragment < 3; ++subFragment)

{

LARGE_INTEGER subFragmentOffset;

ULONG subFragmentLength = 0;

subFragmentOffset.QuadPart = request->Offset.QuadPart;

switch (subFragment)

{

case 0:

subFragmentLength = (ULONG) request->EncryptedOffset;

break;

case 1:

subFragmentOffset.QuadPart += request->EncryptedOffset + queue->RemappedAreaOffset;

subFragmentLength = request->EncryptedLength;

break;

case 2:

subFragmentOffset.QuadPart += request->EncryptedOffset + request->EncryptedLength;

subFragmentLength = (ULONG) (request->Length - (request->EncryptedOffset + request->EncryptedLength));

break;

}

if (subFragmentLength > 0)

{

if (request->Item->Write)

request->Item->Status = TCWriteDevice (queue->LowerDeviceObject, subFragmentData, subFragmentOffset, subFragmentLength);

else

request->Item->Status = TCCachedRead (queue, NULL, subFragmentData, subFragmentOffset, subFragmentLength);

switch (irpSp->MajorFunction)

{

case IRP_MJ_READ:

item->Write = FALSE;

item->OriginalOffset = irpSp->Parameters.Read.ByteOffset;

item->OriginalLength = irpSp->Parameters.Read.Length;

break;

case IRP_MJ_WRITE:

item->Write = TRUE;

item->OriginalOffset = irpSp->Parameters.Write.ByteOffset;

item->OriginalLength = irpSp->Parameters.Write.Length;

break;

default:

CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0);

continue;

}

#ifdef TC_TRACE_IO_QUEUE

item->OriginalIrpOffset = item->OriginalOffset;

#endif

// Handle misaligned read operations to work around a bug in Windows System Assessment Tool which does not follow FILE_FLAG_NO_BUFFERING requirements when benchmarking disk devices

if (queue->IsFilterDevice

&& !item->Write

&& item->OriginalLength > 0

&& (item->OriginalLength & (ENCRYPTION_DATA_UNIT_SIZE - 1)) == 0

&& (item->OriginalOffset.QuadPart & (ENCRYPTION_DATA_UNIT_SIZE - 1)) != 0)

{

ULONG alignedLength;

LARGE_INTEGER alignedOffset;

hResult = ULongAdd(item->OriginalLength, ENCRYPTION_DATA_UNIT_SIZE, &alignedLength);

if (hResult != S_OK)

{

CompleteOriginalIrp (item, STATUS_INVALID_PARAMETER, 0);

continue;

}

alignedOffset.QuadPart = item->OriginalOffset.QuadPart & ~((LONGLONG) ENCRYPTION_DATA_UNIT_SIZE - 1);

buffer = TCalloc (alignedLength);

if (!buffer)

{

CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0);

continue;

}

item->Status = TCReadDevice (queue->LowerDeviceObject, buffer, alignedOffset, alignedLength);

if (NT_SUCCESS (item->Status))

{

UINT64_STRUCT dataUnit;

dataBuffer = (PUCHAR) MmGetSystemAddressForMdlSafe (irp->MdlAddress, (HighPagePriority | ExDefaultMdlProtection));

if (!dataBuffer)

{

TCfree (buffer);

CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0);

continue;

// Divide data block to fragments to enable efficient overlapping of encryption and IO operations

dataRemaining = item->OriginalLength;

fragmentOffset = item->OriginalOffset;

while (dataRemaining > 0)

{

ULONG queueFragmentSize = queue->FragmentSize;

BOOL isLastFragment = dataRemaining <= queueFragmentSize;

ULONG dataFragmentLength = isLastFragment ? dataRemaining : queueFragmentSize;

activeFragmentBuffer = (activeFragmentBuffer == queue->FragmentBufferA ? queue->FragmentBufferB : queue->FragmentBufferA);

InterlockedIncrement (&queue->IoThreadPendingRequestCount);

// Create IO request

request = GetPoolBuffer (queue, sizeof (EncryptedIoRequest));

if (!request)

{

CompleteOriginalIrp (item, STATUS_INSUFFICIENT_RESOURCES, 0);

break;

}

request->Item = item;

request->CompleteOriginalIrp = isLastFragment;

request->Offset = fragmentOffset;

request->Data = activeFragmentBuffer;

request->OrigDataBufferFragment = dataBuffer;

request->Length = dataFragmentLength;

{

if (queue->EncryptedAreaStart == -1 || queue->EncryptedAreaEnd == -1)

{

request->EncryptedLength = 0;

}

else

{

// Get intersection of data fragment with encrypted area

GetIntersection (fragmentOffset.QuadPart, dataFragmentLength, queue->EncryptedAreaStart, queue->EncryptedAreaEnd, &intersectStart, &intersectLength);

request->EncryptedOffset = intersectStart - fragmentOffset.QuadPart;

request->EncryptedLength = intersectLength;

}

}

else

{

request->EncryptedOffset = 0;

request->EncryptedLength = dataFragmentLength;

}

AcquireFragmentBuffer (queue, activeFragmentBuffer);

if (item->Write)

{

// Encrypt data

memcpy (activeFragmentBuffer, dataBuffer, dataFragmentLength);

if (request->EncryptedLength > 0)

{

UINT64_STRUCT dataUnit;

#define TC_ENC_IO_QUEUE_MAX_FRAGMENT_SIZE (256 * 1024)

#define TC_ENC_IO_QUEUE_PREALLOCATED_ITEM_COUNT 8

#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_COUNT 16

#define TC_ENC_IO_QUEUE_PREALLOCATED_IO_REQUEST_MAX_COUNT 8192

typedef struct EncryptedIoQueueBufferStruct

{

struct EncryptedIoQueueBufferStruct *NextBuffer;

void *Address;

ULONG Size;

BOOL InUse;

} EncryptedIoQueueBuffer;

typedef struct

{

PDEVICE_OBJECT DeviceObject;

KMUTEX BufferPoolMutex;

EncryptedIoQueueBuffer *FirstPoolBuffer;

CRYPTO_INFO *CryptoInfo;

// File-handle-based IO

HANDLE HostFileHandle;

int64 VirtualDeviceLength;

SECURITY_CLIENT_CONTEXT *SecurityClientContext;

// Filter device

BOOL IsFilterDevice;

PDEVICE_OBJECT LowerDeviceObject;

int64 EncryptedAreaStart;

volatile int64 EncryptedAreaEnd;

volatile BOOL EncryptedAreaEndUpdatePending;

BOOL RemapEncryptedArea;

int64 RemappedAreaOffset;

int64 RemappedAreaDataUnitOffset;

IO_REMOVE_LOCK RemoveLock;

// Main tread

PKTHREAD MainThread;

LIST_ENTRY MainThreadQueue;

KSPIN_LOCK MainThreadQueueLock;

KEVENT MainThreadQueueNotEmptyEvent;

// IO thread

PKTHREAD IoThread;

LIST_ENTRY IoThreadQueue;

KSPIN_LOCK IoThreadQueueLock;

KEVENT IoThreadQueueNotEmptyEvent;

// Completion thread

PKTHREAD CompletionThread;

LIST_ENTRY CompletionThreadQueue;

KSPIN_LOCK CompletionThreadQueueLock;

KEVENT CompletionThreadQueueNotEmptyEvent;

// Fragment buffers

KEVENT FragmentBufferAFreeEvent;

KEVENT FragmentBufferBFreeEvent;

// Read-ahead buffer

BOOL ReadAheadBufferValid;

LARGE_INTEGER LastReadOffset;

ULONG LastReadLength;

LARGE_INTEGER ReadAheadOffset;

ULONG ReadAheadLength;

LARGE_INTEGER MaxReadAheadOffset;

LONG OutstandingIoCount;

KEVENT NoOutstandingIoEvent;

LONG IoThreadPendingRequestCount;

KEVENT PoolBufferFreeEvent;

__int64 TotalBytesRead;

__int64 TotalBytesWritten;

volatile BOOL StartPending;

volatile BOOL ThreadExitRequested;

volatile BOOL Suspended;

volatile BOOL SuspendPending;

volatile BOOL StopPending;

KEVENT QueueResumedEvent;

#ifdef TC_TRACE_IO_QUEUE

LARGE_INTEGER LastPerformanceCounter;

#endif

SIZE_T SecRegionSize;

volatile BOOL ThreadBlockReadWrite;

int FragmentSize;

} EncryptedIoQueue;

typedef struct

{

EncryptedIoQueue *Queue;

PIRP OriginalIrp;

BOOL Write;

ULONG OriginalLength;

LARGE_INTEGER OriginalOffset;

NTSTATUS Status;

#ifdef TC_TRACE_IO_QUEUE

LARGE_INTEGER OriginalIrpOffset;

#endif

} EncryptedIoQueueItem;

typedef struct

{

EncryptedIoQueueItem *Item;

BOOL CompleteOriginalIrp;

LARGE_INTEGER Offset;

ULONG Length;

int64 EncryptedOffset;

ULONG EncryptedLength;

LIST_ENTRY ListEntry;

LIST_ENTRY CompletionListEntry;

} EncryptedIoRequest;

NTSTATUS EncryptedIoQueueAddIrp (EncryptedIoQueue *queue, PIRP irp);

BOOL EncryptedIoQueueIsRunning (EncryptedIoQueue *queue);

BOOL EncryptedIoQueueIsSuspended (EncryptedIoQueue *queue);

NTSTATUS EncryptedIoQueueResumeFromHold (EncryptedIoQueue *queue);

NTSTATUS EncryptedIoQueueStart (EncryptedIoQueue *queue);

NTSTATUS EncryptedIoQueueStop (EncryptedIoQueue *queue);

NTSTATUS EncryptedIoQueueHoldWhenIdle (EncryptedIoQueue *queue, int64 timeout);

#endif // TC_HEADER_DRIVER_ENCRYPTED_IO_QUEUE

#

# Derived from source code of TrueCrypt 7.1a, which is

# Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed

# by the TrueCrypt License 3.0.

#

# Modifications and additions to the original source code (contained in this file)

# and all other portions of this file are Copyright (c) 2013-2017 IDRIX

# and are governed by the Apache License 2.0 the full text of which is

# contained in the file License.txt included in VeraCrypt binary and source

# code distribution packages.

#

NAME := Driver

OBJS :=

OBJS += FuseService.o

include $(BUILD_INC)/Makefile.inc

static int fuse_service_read (const char *path, char *buf, size_t size, off_t offset, struct fuse_file_info *fi)

{

try

{

if (!FuseService::CheckAccessRights())

return -EACCES;

if (strcmp (path, FuseService::GetVolumeImagePath()) == 0)

{

try

{

// Test for read beyond the end of the volume

if ((uint64) offset + size > FuseService::GetVolumeSize())

size = FuseService::GetVolumeSize() - offset;

size_t sectorSize = FuseService::GetVolumeSectorSize();

if (size % sectorSize != 0 || offset % sectorSize != 0)

{

// Support for non-sector-aligned read operations is required by some loop device tools

// which may analyze the volume image before attaching it as a device

uint64 alignedOffset = offset - (offset % sectorSize);

uint64 alignedSize = size + (offset % sectorSize);

if (alignedSize % sectorSize != 0)

alignedSize += sectorSize - (alignedSize % sectorSize);

SecureBuffer alignedBuffer (alignedSize);

FuseService::ReadVolumeSectors (alignedBuffer, alignedOffset);

}

else

{

}

}

catch (MissingVolumeData&)

{

return 0;

}

return size;

}

if (strcmp (path, FuseService::GetControlPath()) == 0)

{

shared_ptr <Buffer> infoBuf = FuseService::GetVolumeInfo();

if (offset >= (off_t) infoBuf->Size())

return 0;

if (offset + size > infoBuf->Size())

size = infoBuf->Size () - offset;

outBuf.CopyFrom (infoBuf->GetRange (offset, size));

return size;

}

}

catch (...)

{

return FuseService::ExceptionToErrorCode();

}

return -ENOENT;

}

static int fuse_service_readdir (const char *path, void *buf, fuse_fill_dir_t filler, off_t offset, struct fuse_file_info *fi)

{

try

{

if (!FuseService::CheckAccessRights())

return -EACCES;

if (strcmp (path, "/") != 0)

return -ENOENT;

filler (buf, ".", NULL, 0);

filler (buf, "..", NULL, 0);

filler (buf, FuseService::GetVolumeImagePath() + 1, NULL, 0);

filler (buf, FuseService::GetControlPath() + 1, NULL, 0);

}

catch (...)

{

return FuseService::ExceptionToErrorCode();

}

return 0;

}

static int fuse_service_write (const char *path, const char *buf, size_t size, off_t offset, struct fuse_file_info *fi)

{

try

{

if (!FuseService::CheckAccessRights())

return -EACCES;

if (strcmp (path, FuseService::GetVolumeImagePath()) == 0)

{

return size;

}

if (strcmp (path, FuseService::GetControlPath()) == 0)

{

if (FuseService::AuxDeviceInfoReceived())

return -EACCES;

return size;

}

}

#ifdef TC_FREEBSD

// FreeBSD apparently retries failed write operations forever, which may lead to a system crash.

catch (VolumeReadOnly&)

{

return size;

}

catch (VolumeProtected&)

{

return size;

}

#endif

catch (...)

{

return FuseService::ExceptionToErrorCode();

}

return -ENOENT;

}

bool FuseService::CheckAccessRights ()

{

return fuse_get_context()->uid == 0 || fuse_get_context()->uid == UserId;

}

void FuseService::CloseMountedVolume ()

{

if (MountedVolume)

fuse_service_oper.getattr = fuse_service_getattr;

fuse_service_oper.init = fuse_service_init;

fuse_service_oper.open = fuse_service_open;

fuse_service_oper.opendir = fuse_service_opendir;

fuse_service_oper.read = fuse_service_read;

fuse_service_oper.readdir = fuse_service_readdir;

fuse_service_oper.write = fuse_service_write;

// Create a new session

setsid ();

// Fork handler of termination signals

SignalHandlerPipe.reset (new Pipe);

int forkedPid = fork();

throw_sys_if (forkedPid == -1);

if (forkedPid == 0)

{

CloseMountedVolume();

struct sigaction action;

Memory::Zero (&action, sizeof (action));

action.sa_handler = OnSignal;

sigaction (SIGINT, &action, nullptr);

sigaction (SIGQUIT, &action, nullptr);

sigaction (SIGTERM, &action, nullptr);

// Wait for the exit of the main service

if (read (SignalHandlerPipe->GetReadFD(), buf, sizeof (buf))) { } // Errors ignored

_exit (0);

}

SignalHandlerPipe->GetWriteFD();

#ifdef TC_OPENBSD

_exit (fuse_main (argc, argv, &fuse_service_oper, NULL));

#else

_exit (fuse_main (argc, argv, &fuse_service_oper));

#endif

}

VolumeInfo FuseService::OpenVolumeInfo;

Mutex FuseService::OpenVolumeInfoMutex;

shared_ptr <Volume> FuseService::MountedVolume;

VolumeSlotNumber FuseService::SlotNumber;

uid_t FuseService::UserId;

gid_t FuseService::GroupId;

unique_ptr <Pipe> FuseService::SignalHandlerPipe;

}

*/

#ifndef TC_HEADER_Driver_Fuse_FuseService

#define TC_HEADER_Driver_Fuse_FuseService

#include "Platform/Platform.h"

#include "Platform/Unix/Pipe.h"

#include "Platform/Unix/Process.h"

#include "Volume/VolumeInfo.h"

#include "Volume/Volume.h"

namespace VeraCrypt

{

class FuseService

{

protected:

struct ExecFunctor : public ProcessExecFunctor

{

ExecFunctor (shared_ptr <Volume> openVolume, VolumeSlotNumber slotNumber)

: MountedVolume (openVolume), SlotNumber (slotNumber)

{

}

virtual void operator() (int argc, char *argv[]);

protected:

shared_ptr <Volume> MountedVolume;

VolumeSlotNumber SlotNumber;

};

public:

static bool AuxDeviceInfoReceived () { return !OpenVolumeInfo.VirtualDevice.IsEmpty(); }

static bool CheckAccessRights ();

static void Dismount ();

static int ExceptionToErrorCode ();

static const char *GetControlPath () { return "/control"; }

static const char *GetVolumeImagePath ();

static string GetDeviceType () { return "veracrypt"; }

static uid_t GetGroupId () { return GroupId; }

static uid_t GetUserId () { return UserId; }

static shared_ptr <Buffer> GetVolumeInfo ();

static uint64 GetVolumeSize ();

static uint64 GetVolumeSectorSize () { return MountedVolume->GetSectorSize(); }

static void Mount (shared_ptr <Volume> openVolume, VolumeSlotNumber slotNumber, const string &fuseMountPoint);

static void ReadVolumeSectors (const BufferPtr &buffer, uint64 byteOffset);

static void ReceiveAuxDeviceInfo (const ConstBufferPtr &buffer);

static void SendAuxDeviceInfo (const DirectoryPath &fuseMountPoint, const DevicePath &virtualDevice, const DevicePath &loopDevice = DevicePath());

static void WriteVolumeSectors (const ConstBufferPtr &buffer, uint64 byteOffset);

protected:

FuseService ();

static void CloseMountedVolume ();

static void OnSignal (int signal);

static VolumeInfo OpenVolumeInfo;

static Mutex OpenVolumeInfoMutex;

static shared_ptr <Volume> MountedVolume;

static VolumeSlotNumber SlotNumber;

static uid_t UserId;

* MmGetSystemRoutineAddress() should have been declare FARPROC instead of PVOID.

*/

#pragma warning(disable:4055)

PDRIVER_OBJECT TCDriverObject;

PDEVICE_OBJECT RootDeviceObject = NULL;

static KMUTEX RootDeviceControlMutex;

BOOL DriverShuttingDown = FALSE;

BOOL SelfTestsPassed;

int LastUniqueVolumeId;

ULONG OsMajorVersion = 0;

ULONG OsMinorVersion;

BOOL DriverUnloadDisabled = FALSE;

BOOL PortableMode = FALSE;

BOOL VolumeClassFilterRegistered = FALSE;

BOOL CacheBootPassword = FALSE;

BOOL CacheBootPim = FALSE;

BOOL NonAdminSystemFavoritesAccessDisabled = FALSE;

BOOL BlockSystemTrimCommand = FALSE;

BOOL AllowWindowsDefrag = FALSE;

BOOL EraseKeysOnShutdown = TRUE; // by default, we erase encryption keys on system shutdown

static size_t EncryptionThreadPoolFreeCpuCountLimit = 0;

static BOOL SystemFavoriteVolumeDirty = FALSE;

static BOOL PagingFileCreationPrevented = FALSE;

static BOOL EnableExtendedIoctlSupport = FALSE;

static BOOL AllowTrimCommand = FALSE;

static BOOL RamEncryptionActivated = FALSE;

static KeSaveExtendedProcessorStateFn KeSaveExtendedProcessorStatePtr = NULL;

static KeRestoreExtendedProcessorStateFn KeRestoreExtendedProcessorStatePtr = NULL;

static ExGetFirmwareEnvironmentVariableFn ExGetFirmwareEnvironmentVariablePtr = NULL;

static KeAreAllApcsDisabledFn KeAreAllApcsDisabledPtr = NULL;

static KeSetSystemGroupAffinityThreadFn KeSetSystemGroupAffinityThreadPtr = NULL;

static KeQueryActiveGroupCountFn KeQueryActiveGroupCountPtr = NULL;

static KeQueryActiveProcessorCountExFn KeQueryActiveProcessorCountExPtr = NULL;

int EncryptionIoRequestCount = 0;

int EncryptionItemCount = 0;

int EncryptionFragmentSize = 0;

POOL_TYPE ExDefaultNonPagedPoolType = NonPagedPool;

ULONG ExDefaultMdlProtection = 0;

PDEVICE_OBJECT VirtualVolumeDeviceObjects[MAX_MOUNTED_VOLUME_DRIVE_NUMBER + 1];

BOOL AlignValue (ULONG ulValue, ULONG ulAlignment, ULONG *pulResult)

{

BOOL bRet = FALSE;

HRESULT hr;

if (ulAlignment == 0)

{

*pulResult = ulValue;

bRet = TRUE;

}

else

{

ulAlignment -= 1;

hr = ULongAdd (ulValue, ulAlignment, &ulValue);

if (S_OK == hr)

{

*pulResult = ulValue & (~ulAlignment);

bRet = TRUE;

Dump ("IsUefiBoot BEGIN\n");

ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);

if (ExGetFirmwareEnvironmentVariablePtr)

{

ULONG valueLengh = 0;

UNICODE_STRING emptyName;

GUID guid;

RtlInitUnicodeString(&emptyName, L"");

memset (&guid, 0, sizeof(guid));

Dump ("IsUefiBoot calling ExGetFirmwareEnvironmentVariable\n");

ntStatus = ExGetFirmwareEnvironmentVariablePtr (&emptyName, &guid, NULL, &valueLengh, NULL);

Dump ("IsUefiBoot ExGetFirmwareEnvironmentVariable returned 0x%08x\n", ntStatus);

}

else

{

Dump ("IsUefiBoot ExGetFirmwareEnvironmentVariable not found on the system\n");

}

if (STATUS_NOT_IMPLEMENTED != ntStatus)

bStatus = TRUE;

Dump ("IsUefiBoot bStatus = %s END\n", bStatus? "TRUE" : "FALSE");

return bStatus;

}

void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed)

{

LARGE_INTEGER iSeed, iSeed2;

WHIRLPOOL_CTX tctx;

size_t count;

#ifndef _WIN64

KFLOATING_SAVE floatingPointState;

NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;

if (HasISSE())

saveStatus = KeSaveFloatingPointState (&floatingPointState);

#endif

while (cbRandSeed)

{

WHIRLPOOL_init (&tctx);

// we hash current content of digest buffer which is uninitialized the first time

WHIRLPOOL_add (digest, WHIRLPOOL_DIGESTSIZE, &tctx);

// we use various time information as source of entropy

KeQuerySystemTime( &iSeed );

WHIRLPOOL_add ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx);

iSeed = KeQueryPerformanceCounter (&iSeed2);

WHIRLPOOL_add ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx);

WHIRLPOOL_add ((unsigned char *) &(iSeed2.QuadPart), sizeof(iSeed2.QuadPart), &tctx);

/* use JitterEntropy library to get good quality random bytes based on CPU timing jitter */

if (0 == jent_entropy_init ())

{

struct rand_data *ec = jent_entropy_collector_alloc (1, 0);

if (ec)

{

ssize_t rndLen = jent_read_entropy (ec, (char*) digest, sizeof (digest));

if (rndLen > 0)

WHIRLPOOL_add (digest, (unsigned int) rndLen, &tctx);

jent_entropy_collector_free (ec);

}

}

// use RDSEED or RDRAND from CPU as source of entropy if enabled

if ( IsCpuRngEnabled() &&

( (HasRDSEED() && RDSEED_getBytes (digest, sizeof (digest)))

|| (HasRDRAND() && RDRAND_getBytes (digest, sizeof (digest)))

))

{

WHIRLPOOL_add (digest, sizeof(digest), &tctx);

}

WHIRLPOOL_finalize (&tctx, digest);

count = VC_MIN (cbRandSeed, sizeof (digest));

// copy digest value to seed buffer

memcpy (pbRandSeed, digest, count);

cbRandSeed -= count;

pbRandSeed += count;

RtlInitUnicodeString(&KeAreAllApcsDisabledFuncName, L"KeAreAllApcsDisabled");

KeAreAllApcsDisabledPtr = (KeAreAllApcsDisabledFn) MmGetSystemRoutineAddress(&KeAreAllApcsDisabledFuncName);

}

// KeSaveExtendedProcessorState/KeRestoreExtendedProcessorState are available starting from Windows 7

// KeQueryActiveGroupCount/KeQueryActiveProcessorCountEx/KeSetSystemGroupAffinityThread are available starting from Windows 7

if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 1))

{

UNICODE_STRING saveFuncName, restoreFuncName, groupCountFuncName, procCountFuncName, setAffinityFuncName;

RtlInitUnicodeString(&saveFuncName, L"KeSaveExtendedProcessorState");

RtlInitUnicodeString(&restoreFuncName, L"KeRestoreExtendedProcessorState");

RtlInitUnicodeString(&groupCountFuncName, L"KeQueryActiveGroupCount");

RtlInitUnicodeString(&procCountFuncName, L"KeQueryActiveProcessorCountEx");

RtlInitUnicodeString(&setAffinityFuncName, L"KeSetSystemGroupAffinityThread");

KeSaveExtendedProcessorStatePtr = (KeSaveExtendedProcessorStateFn) MmGetSystemRoutineAddress(&saveFuncName);

KeRestoreExtendedProcessorStatePtr = (KeRestoreExtendedProcessorStateFn) MmGetSystemRoutineAddress(&restoreFuncName);

KeSetSystemGroupAffinityThreadPtr = (KeSetSystemGroupAffinityThreadFn) MmGetSystemRoutineAddress(&setAffinityFuncName);

KeQueryActiveGroupCountPtr = (KeQueryActiveGroupCountFn) MmGetSystemRoutineAddress(&groupCountFuncName);

KeQueryActiveProcessorCountExPtr = (KeQueryActiveProcessorCountExFn) MmGetSystemRoutineAddress(&procCountFuncName);

}

// ExGetFirmwareEnvironmentVariable is available starting from Windows 8

if ((OsMajorVersion > 6) || (OsMajorVersion == 6 && OsMinorVersion >= 2))

{

UNICODE_STRING funcName;

RtlInitUnicodeString(&funcName, L"ExGetFirmwareEnvironmentVariable");

ExGetFirmwareEnvironmentVariablePtr = (ExGetFirmwareEnvironmentVariableFn) MmGetSystemRoutineAddress(&funcName);

}

// Load dump filter if the main driver is already loaded

if (NT_SUCCESS (TCDeviceIoControl (NT_ROOT_PREFIX, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &version, sizeof (version))))

return DumpFilterEntry ((PFILTER_EXTENSION) DriverObject, (PFILTER_INITIALIZATION_DATA) RegistryPath);

TCDriverObject = DriverObject;

memset (VirtualVolumeDeviceObjects, 0, sizeof (VirtualVolumeDeviceObjects));

ReadRegistryConfigFlags (TRUE);

EncryptionThreadPoolStart (EncryptionThreadPoolFreeCpuCountLimit);

SelfTestsPassed = AutoTestAlgorithms();

// Enable device class filters and load boot arguments if the driver is set to start at system boot

if (NT_SUCCESS (TCReadRegistryKey (RegistryPath, L"Start", &startKeyValue)))

{

if (startKeyValue->Type == REG_DWORD && *((uint32 *) startKeyValue->Data) == SERVICE_BOOT_START)

{

if (!SelfTestsPassed)

{

// in case of system encryption, if self-tests fail, disable all extended CPU

// features and try again in order to workaround faulty configurations

DisableCPUExtendedFeatures ();

SelfTestsPassed = AutoTestAlgorithms();

// BUG CHECK if the self-tests still fail

if (!SelfTestsPassed)

TC_BUG_CHECK (STATUS_INVALID_PARAMETER);

}

LoadBootArguments(IsUefiBoot ());

PDISK_GEOMETRY outputBuffer = (PDISK_GEOMETRY)

Irp->AssociatedIrp.SystemBuffer;

outputBuffer->MediaType = Extension->bRemovable ? RemovableMedia : FixedMedia;

outputBuffer->Cylinders.QuadPart = Extension->NumberOfCylinders;

outputBuffer->TracksPerCylinder = Extension->TracksPerCylinder;

outputBuffer->SectorsPerTrack = Extension->SectorsPerTrack;

outputBuffer->BytesPerSector = Extension->BytesPerSector;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (DISK_GEOMETRY);

}

break;

case IOCTL_DISK_GET_DRIVE_GEOMETRY_EX:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_DRIVE_GEOMETRY_EX)\n");

{

ULONG minOutputSize = IsOSAtLeast (WIN_SERVER_2003)? sizeof (DISK_GEOMETRY_EX) : sizeof (DISK_GEOMETRY) + sizeof (LARGE_INTEGER);

ULONG fullOutputSize = sizeof (DISK_GEOMETRY) + sizeof (LARGE_INTEGER) + sizeof (DISK_PARTITION_INFO) + sizeof (DISK_DETECTION_INFO);

if (ValidateIOBufferSize (Irp, minOutputSize, ValidateOutput))

{

PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);

BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= fullOutputSize)? TRUE : FALSE;

PDISK_GEOMETRY_EX outputBuffer = (PDISK_GEOMETRY_EX) Irp->AssociatedIrp.SystemBuffer;

outputBuffer->Geometry.MediaType = Extension->bRemovable ? RemovableMedia : FixedMedia;

outputBuffer->Geometry.Cylinders.QuadPart = Extension->NumberOfCylinders;

outputBuffer->Geometry.TracksPerCylinder = Extension->TracksPerCylinder;

outputBuffer->Geometry.SectorsPerTrack = Extension->SectorsPerTrack;

outputBuffer->Geometry.BytesPerSector = Extension->BytesPerSector;

if (bFullBuffer)

{

PDISK_PARTITION_INFO pPartInfo = (PDISK_PARTITION_INFO)(((ULONG_PTR) outputBuffer) + sizeof (DISK_GEOMETRY) + sizeof (LARGE_INTEGER));

PDISK_DETECTION_INFO pDetectInfo = ((PDISK_DETECTION_INFO)((((ULONG_PTR) pPartInfo) + sizeof (DISK_PARTITION_INFO))));

pPartInfo->SizeOfPartitionInfo = sizeof (DISK_PARTITION_INFO);

pPartInfo->PartitionStyle = PARTITION_STYLE_MBR;

pPartInfo->Mbr.Signature = GetCrc32((unsigned char*) &(Extension->UniqueVolumeId), 4);

pDetectInfo->SizeOfDetectInfo = sizeof (DISK_DETECTION_INFO);

Irp->IoStatus.Information = fullOutputSize;

}

else

{

if (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= sizeof (DISK_GEOMETRY_EX))

Irp->IoStatus.Information = sizeof (DISK_GEOMETRY_EX);

else

Irp->IoStatus.Information = minOutputSize;

}

Irp->IoStatus.Status = STATUS_SUCCESS;

}

}

break;

case IOCTL_STORAGE_GET_MEDIA_TYPES_EX:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_STORAGE_GET_MEDIA_TYPES_EX)\n");

if (ValidateIOBufferSize (Irp, sizeof (GET_MEDIA_TYPES), ValidateOutput))

}

else if (irpSp->Parameters.DeviceIoControl.OutputBufferLength == sizeof (STORAGE_DESCRIPTOR_HEADER))

{

PSTORAGE_DESCRIPTOR_HEADER outputBuffer = (PSTORAGE_DESCRIPTOR_HEADER) Irp->AssociatedIrp.SystemBuffer;

outputBuffer->Version = sizeof(DEVICE_TRIM_DESCRIPTOR);

outputBuffer->Size = sizeof(DEVICE_TRIM_DESCRIPTOR);

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (STORAGE_DESCRIPTOR_HEADER);

}

}

break;

}

}

}

}

}

break;

case IOCTL_DISK_GET_PARTITION_INFO:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_PARTITION_INFO)\n");

if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION), ValidateOutput))

{

PPARTITION_INFORMATION outputBuffer = (PPARTITION_INFORMATION)

Irp->AssociatedIrp.SystemBuffer;

outputBuffer->PartitionType = Extension->PartitionType;

outputBuffer->BootIndicator = FALSE;

outputBuffer->RecognizedPartition = TRUE;

outputBuffer->RewritePartition = FALSE;

outputBuffer->PartitionLength.QuadPart= Extension->DiskLength;

outputBuffer->PartitionNumber = 1;

outputBuffer->HiddenSectors = 0;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION);

}

break;

case IOCTL_DISK_GET_PARTITION_INFO_EX:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_PARTITION_INFO_EX)\n");

if (ValidateIOBufferSize (Irp, sizeof (PARTITION_INFORMATION_EX), ValidateOutput))

{

PPARTITION_INFORMATION_EX outputBuffer = (PPARTITION_INFORMATION_EX) Irp->AssociatedIrp.SystemBuffer;

outputBuffer->PartitionStyle = PARTITION_STYLE_MBR;

outputBuffer->RewritePartition = FALSE;

outputBuffer->PartitionLength.QuadPart= Extension->DiskLength;

outputBuffer->PartitionNumber = 1;

outputBuffer->Mbr.PartitionType = Extension->PartitionType;

outputBuffer->Mbr.BootIndicator = FALSE;

outputBuffer->Mbr.RecognizedPartition = TRUE;

outputBuffer->Mbr.HiddenSectors = 0;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (PARTITION_INFORMATION_EX);

}

break;

case IOCTL_DISK_GET_DRIVE_LAYOUT:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_DRIVE_LAYOUT)\n");

if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION), ValidateOutput))

{

PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);

BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= (sizeof (DRIVE_LAYOUT_INFORMATION) + 3*sizeof(PARTITION_INFORMATION)))? TRUE : FALSE;

PDRIVE_LAYOUT_INFORMATION outputBuffer = (PDRIVE_LAYOUT_INFORMATION)

Irp->AssociatedIrp.SystemBuffer;

outputBuffer->PartitionCount = bFullBuffer? 4 : 1;

outputBuffer->Signature = GetCrc32((unsigned char*) &(Extension->UniqueVolumeId), 4);

outputBuffer->PartitionEntry->PartitionType = Extension->PartitionType;

outputBuffer->PartitionEntry->BootIndicator = FALSE;

outputBuffer->PartitionEntry->RecognizedPartition = TRUE;

outputBuffer->PartitionEntry->RewritePartition = FALSE;

outputBuffer->PartitionEntry->PartitionLength.QuadPart = Extension->DiskLength;

outputBuffer->PartitionEntry->PartitionNumber = 1;

outputBuffer->PartitionEntry->HiddenSectors = 0;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (DRIVE_LAYOUT_INFORMATION);

if (bFullBuffer)

{

Irp->IoStatus.Information += 3*sizeof(PARTITION_INFORMATION);

memset (((BYTE*) Irp->AssociatedIrp.SystemBuffer) + sizeof (DRIVE_LAYOUT_INFORMATION), 0, 3*sizeof(PARTITION_INFORMATION));

}

}

break;

case IOCTL_DISK_GET_DRIVE_LAYOUT_EX:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_DRIVE_LAYOUT_EX)\n");

Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;

Irp->IoStatus.Information = 0;

if (EnableExtendedIoctlSupport)

{

if (ValidateIOBufferSize (Irp, sizeof (DRIVE_LAYOUT_INFORMATION_EX), ValidateOutput))

{

PIO_STACK_LOCATION irpSp = IoGetCurrentIrpStackLocation (Irp);

BOOL bFullBuffer = (irpSp->Parameters.DeviceIoControl.OutputBufferLength >= (sizeof (DRIVE_LAYOUT_INFORMATION_EX) + 3*sizeof(PARTITION_INFORMATION_EX)))? TRUE : FALSE;

PDRIVE_LAYOUT_INFORMATION_EX outputBuffer = (PDRIVE_LAYOUT_INFORMATION_EX)

Irp->AssociatedIrp.SystemBuffer;

outputBuffer->PartitionCount = bFullBuffer? 4 : 1;

outputBuffer->PartitionStyle = PARTITION_STYLE_MBR;

outputBuffer->Mbr.Signature = GetCrc32((unsigned char*) &(Extension->UniqueVolumeId), 4);

outputBuffer->PartitionEntry->PartitionStyle = PARTITION_STYLE_MBR;

outputBuffer->PartitionEntry->Mbr.BootIndicator = FALSE;

outputBuffer->PartitionEntry->Mbr.RecognizedPartition = TRUE;

outputBuffer->PartitionEntry->RewritePartition = FALSE;

outputBuffer->PartitionEntry->PartitionLength.QuadPart = Extension->DiskLength;

outputBuffer->PartitionEntry->PartitionNumber = 1;

outputBuffer->PartitionEntry->Mbr.HiddenSectors = 0;

outputBuffer->PartitionEntry->Mbr.PartitionType = Extension->PartitionType;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (DRIVE_LAYOUT_INFORMATION_EX);

if (bFullBuffer)

{

Irp->IoStatus.Information += 3*sizeof(PARTITION_INFORMATION_EX);

}

}

}

break;

case IOCTL_DISK_GET_LENGTH_INFO:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_DISK_GET_LENGTH_INFO)\n");

if (!ValidateIOBufferSize (Irp, sizeof (GET_LENGTH_INFORMATION), ValidateOutput))

{

Irp->IoStatus.Status = STATUS_BUFFER_OVERFLOW;

Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION);

}

else

{

PGET_LENGTH_INFORMATION outputBuffer = (PGET_LENGTH_INFORMATION) Irp->AssociatedIrp.SystemBuffer;

outputBuffer->Length.QuadPart = Extension->DiskLength;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (GET_LENGTH_INFORMATION);

}

Irp->IoStatus.Information = 0;

if (EnableExtendedIoctlSupport)

{

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = 0;

}

break;

case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS)\n");

// Vista's, Windows 8.1 and later filesystem defragmenter fails if IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS does not succeed.

if (!(OsMajorVersion == 6 && OsMinorVersion == 0)

&& !(IsOSAtLeast (WIN_8_1) && AllowWindowsDefrag && Extension->bRawDevice)

)

{

Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;

Irp->IoStatus.Information = 0;

}

else if (ValidateIOBufferSize (Irp, sizeof (VOLUME_DISK_EXTENTS), ValidateOutput))

{

VOLUME_DISK_EXTENTS *extents = (VOLUME_DISK_EXTENTS *) Irp->AssociatedIrp.SystemBuffer;

if (IsOSAtLeast (WIN_8_1))

{

// Windows 10 filesystem defragmenter works only if we report an extent with a real disk number

// So in the case of a VeraCrypt disk based volume, we use the disk number

// of the underlaying physical disk and we report a single extent

extents->NumberOfDiskExtents = 1;

extents->Extents[0].DiskNumber = Extension->DeviceNumber;

extents->Extents[0].ExtentLength.QuadPart = Extension->DiskLength;

}

else

{

// Vista: No extent data can be returned as this is not a physical drive.

memset (extents, 0, sizeof (*extents));

extents->NumberOfDiskExtents = 0;

}

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (*extents);

}

break;

case IOCTL_STORAGE_READ_CAPACITY:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_STORAGE_READ_CAPACITY)\n");

Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;

Irp->IoStatus.Information = 0;

if (EnableExtendedIoctlSupport)

{

if (ValidateIOBufferSize (Irp, sizeof (STORAGE_READ_CAPACITY), ValidateOutput))

{

STORAGE_READ_CAPACITY *capacity = (STORAGE_READ_CAPACITY *) Irp->AssociatedIrp.SystemBuffer;

capacity->Version = sizeof (STORAGE_READ_CAPACITY);

capacity->Size = sizeof (STORAGE_READ_CAPACITY);

capacity->BlockLength = Extension->BytesPerSector;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (STORAGE_READ_CAPACITY);

}

}

break;

/*case IOCTL_STORAGE_GET_DEVICE_NUMBER:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_STORAGE_GET_DEVICE_NUMBER)\n");

Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;

Irp->IoStatus.Information = 0;

if (EnableExtendedIoctlSupport)

{

if (ValidateIOBufferSize (Irp, sizeof (STORAGE_DEVICE_NUMBER), ValidateOutput))

{

STORAGE_DEVICE_NUMBER *storage = (STORAGE_DEVICE_NUMBER *) Irp->AssociatedIrp.SystemBuffer;

storage->DeviceType = FILE_DEVICE_DISK;

storage->DeviceNumber = (ULONG) -1;

storage->PartitionNumber = 1;

Irp->IoStatus.Status = STATUS_SUCCESS;

Irp->IoStatus.Information = sizeof (STORAGE_DEVICE_NUMBER);

}

}

break;*/

case IOCTL_STORAGE_GET_HOTPLUG_INFO:

Dump ("ProcessVolumeDeviceControlIrp (IOCTL_STORAGE_GET_HOTPLUG_INFO)\n");

Irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;

|| (!StringNoCaseCompare (opentest->wszFileName, L"\\Device\\Harddisk", 16))

)

{

Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;

Irp->IoStatus.Information = 0;

break;

}

EnsureNullTerminatedString (opentest->wszFileName, sizeof (opentest->wszFileName));

RtlInitUnicodeString (&FullFileName, opentest->wszFileName);

InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);

if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bComputeVolumeIDs)

access |= FILE_READ_DATA;

ntStatus = ZwCreateFile (&NtFileHandle,

SYNCHRONIZE | access, &ObjectAttributes, &IoStatus, NULL,

0, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT, NULL, 0);

if (NT_SUCCESS (ntStatus))

{

opentest->TCBootLoaderDetected = FALSE;

opentest->FilesystemDetected = FALSE;

memset (opentest->VolumeIDComputed, 0, sizeof (opentest->VolumeIDComputed));

memset (opentest->volumeIDs, 0, sizeof (opentest->volumeIDs));

if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem || opentest->bComputeVolumeIDs)

{

if (!readBuffer)

{

ntStatus = STATUS_INSUFFICIENT_RESOURCES;

}

else

{

if (opentest->bDetectTCBootLoader || opentest->DetectFilesystem)

{

// Determine if the first sector contains a portion of the VeraCrypt Boot Loader

offset.QuadPart = 0;

ntStatus = ZwReadFile (NtFileHandle,

NULL,

NULL,

NULL,

&IoStatus,

readBuffer,

TC_MAX_VOLUME_SECTOR_SIZE,

&offset,

NULL);

if (NT_SUCCESS (ntStatus))

{

size_t i;

if (opentest->bDetectTCBootLoader && IoStatus.Information >= TC_SECTOR_SIZE_BIOS)

{

// Search for the string "VeraCrypt"

for (i = 0; i < TC_SECTOR_SIZE_BIOS - strlen (TC_APP_NAME); ++i)

WCHAR* wszPath = NULL;

if (!ValidateIOBufferSize (Irp, sizeof (GetSystemDriveConfigurationRequest), ValidateInputOutput))

break;

// check that request->DevicePath has the expected format "\\Device\\HarddiskXXX\\Partition0"

// 28 is the length of "\\Device\\Harddisk0\\Partition0" which is the minimum

// 30 is the length of "\\Device\\Harddisk255\\Partition0" which is the maximum

wszPath = request->DevicePath;

if ( !CheckStringLength (wszPath, TC_MAX_PATH, 28, 30, &devicePathLen)

|| (memcmp (wszPath, L"\\Device\\Harddisk", 16 * sizeof (WCHAR)))

|| (memcmp (wszPath + (devicePathLen - 11), L"\\Partition0", 11 * sizeof (WCHAR)))

)

{

Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;

Irp->IoStatus.Information = 0;

break;

}

EnsureNullTerminatedString (request->DevicePath, sizeof (request->DevicePath));

RtlInitUnicodeString (&FullFileName, request->DevicePath);

InitializeObjectAttributes (&ObjectAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, NULL, NULL);

ntStatus = ZwCreateFile (&NtFileHandle,

SYNCHRONIZE | GENERIC_READ, &ObjectAttributes, &IoStatus, NULL,

FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT | FILE_RANDOM_ACCESS, NULL, 0);

if (NT_SUCCESS (ntStatus))

{

if (!readBuffer)

{

Irp->IoStatus.Status = STATUS_INSUFFICIENT_RESOURCES;

Irp->IoStatus.Information = 0;

}

else

{

// Determine if the first sector contains a portion of the VeraCrypt Boot Loader

offset.QuadPart = 0; // MBR

ntStatus = ZwReadFile (NtFileHandle,

NULL,

NULL,

NULL,

&IoStatus,

readBuffer,

TC_MAX_VOLUME_SECTOR_SIZE,

&offset,

NULL);

if (NT_SUCCESS (ntStatus))

{

// check that we could read all needed data

if (IoStatus.Information >= TC_SECTOR_SIZE_BIOS)

{

size_t i;

// Check for dynamic drive

request->DriveIsDynamic = FALSE;

}

else

{

pThreadBlock->wszMountVolume[0] = 0;

RtlStringCbCatW (pThreadBlock->wszMountVolume, sizeof(pThreadBlock->wszMountVolume),pThreadBlock->mount->wszVolume);

bDevice = TRUE;

}

Dump ("Mount THREAD request for File %ls DriveNumber %d Device = %d\n",

pThreadBlock->wszMountVolume, pThreadBlock->mount->nDosDriveNo, bDevice);

pThreadBlock->ntCreateStatus = TCOpenVolume (DeviceObject,

Extension,

pThreadBlock->mount,

pThreadBlock->wszMountVolume,

bDevice);

if (!NT_SUCCESS (pThreadBlock->ntCreateStatus) || pThreadBlock->mount->nReturnCode != 0)

{

KeSetEvent (&Extension->keCreateEvent, 0, FALSE);

PsTerminateSystemThread (STATUS_SUCCESS);

}

// Start IO queue

Extension->Queue.IsFilterDevice = FALSE;

Extension->Queue.DeviceObject = DeviceObject;

Extension->Queue.CryptoInfo = Extension->cryptoInfo;

Extension->Queue.HostFileHandle = Extension->hDeviceFile;

Extension->Queue.VirtualDeviceLength = Extension->DiskLength;

Extension->Queue.MaxReadAheadOffset.QuadPart = Extension->HostLength;

if (Extension->SecurityClientContextValid)

Extension->Queue.SecurityClientContext = &Extension->SecurityClientContext;

else

Extension->Queue.SecurityClientContext = NULL;

pThreadBlock->ntCreateStatus = EncryptedIoQueueStart (&Extension->Queue);

if (!NT_SUCCESS (pThreadBlock->ntCreateStatus))

{

TCCloseVolume (DeviceObject, Extension);

pThreadBlock->mount->nReturnCode = ERR_OS_ERROR;

KeSetEvent (&Extension->keCreateEvent, 0, FALSE);

PsTerminateSystemThread (STATUS_SUCCESS);

}

KeSetEvent (&Extension->keCreateEvent, 0, FALSE);

/* From this point on pThreadBlock cannot be used as it will have been released! */

pThreadBlock = NULL;

for (;;)

{

/* Wait for a request from the dispatch routines. */

KeWaitForSingleObject ((PVOID) & Extension->RequestSemaphore, Executive, KernelMode, FALSE, NULL);

for (;;)

{

PIO_STACK_LOCATION irpSp;

PLIST_ENTRY request;

return args.Status;

}

KeInitializeEvent (&event, NotificationEvent, FALSE);

irp = IoBuildDeviceIoControlRequest (ioControlCode, deviceObject, inputBuffer, inputBufferSize,

outputBuffer, outputBufferSize, FALSE, &event, &ioStatusBlock);

if (!irp)

return STATUS_INSUFFICIENT_RESOURCES;

ObReferenceObject (deviceObject);

status = IoCallDriver (deviceObject, irp);

if (status == STATUS_PENDING)

{

KeWaitForSingleObject (&event, Executive, KernelMode, FALSE, NULL);

status = ioStatusBlock.Status;

}

ObDereferenceObject (deviceObject);

return status;

}

NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize)

{

NTSTATUS status;

LARGE_INTEGER sysLength;

LARGE_INTEGER offset;

ULONGLONG startTime;

ULONG sectorSize;

if (!UserCanAccessDriveDevice())

return STATUS_ACCESS_DENIED;

status = GetDeviceSectorSize (driveDeviceObject, &sectorSize);

if (!NT_SUCCESS (status))

return status;

sectorBuffer = TCalloc (sectorSize);

if (!sectorBuffer)

return STATUS_INSUFFICIENT_RESOURCES;

status = SendDeviceIoControlRequest (driveDeviceObject, IOCTL_DISK_GET_LENGTH_INFO,

NULL, 0, &sysLength, sizeof (sysLength));

if (!NT_SUCCESS (status))

{

Dump ("Failed to get drive size - error %x\n", status);

TCfree (sectorBuffer);

return status;

}

startTime = KeQueryInterruptTime ();

for (offset.QuadPart = sysLength.QuadPart; ; offset.QuadPart += sectorSize)

{

status = TCReadDevice (driveDeviceObject, sectorBuffer, offset, sectorSize);

if (NT_SUCCESS (status))

NTSTATUS WriteRegistryConfigFlags (uint32 flags)

{

UNICODE_STRING name;

RtlInitUnicodeString (&name, L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\veracrypt");

return TCWriteRegistryKey (&name, TC_DRIVER_CONFIG_REG_VALUE_NAME, REG_DWORD, &flags, sizeof (flags));

}

NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector)

{

NTSTATUS status;

DISK_GEOMETRY geometry;

status = SendDeviceIoControlRequest (deviceObject, IOCTL_DISK_GET_DRIVE_GEOMETRY, NULL, 0, &geometry, sizeof (geometry));

if (!NT_SUCCESS (status))

return status;

*bytesPerSector = geometry.BytesPerSector;

return STATUS_SUCCESS;

}

NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount)

{

NTSTATUS status;

ULONG sectorSize;

ULONG sectorCount;

*zeroedSectorCount = 0;

status = GetDeviceSectorSize (deviceObject, &sectorSize);

if (!NT_SUCCESS (status))

return status;

sectorBuffer = TCalloc (sectorSize);

if (!sectorBuffer)

return STATUS_INSUFFICIENT_RESOURCES;

for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize)

{

status = TCReadDevice (deviceObject, sectorBuffer, startOffset, sectorSize);

if (!NT_SUCCESS (status))

{

Dump ("Zeroing sector at %I64d\n", startOffset.QuadPart);

memset (sectorBuffer, 0, sectorSize);

status = TCWriteDevice (deviceObject, sectorBuffer, startOffset, sectorSize);

if (!NT_SUCCESS (status))

goto err;

++(*zeroedSectorCount);

}

}

status = STATUS_SUCCESS;

err:

if (sectorBuffer)

TCfree (sectorBuffer);

return status;

}

{

NTSTATUS status;

ULONG sectorSize;

ULONG sectorCount;

*badSectorCount = 0;

status = GetDeviceSectorSize (deviceObject, &sectorSize);

if (!NT_SUCCESS (status))

return status;

for (sectorCount = size / sectorSize; sectorCount > 0; --sectorCount, startOffset.QuadPart += sectorSize, buffer += sectorSize)

{

status = TCReadDevice (deviceObject, buffer, startOffset, sectorSize);

if (!NT_SUCCESS (status))

{

Dump ("Skipping bad sector at %I64d\n", startOffset.QuadPart);

memset (buffer, 0, sectorSize);

++(*badSectorCount);

}

}

return STATUS_SUCCESS;

}

BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension)

{

SECURITY_SUBJECT_CONTEXT subContext;

PACCESS_TOKEN accessToken;

NTSTATUS CreateDriveLink (int nDosDriveNo);

NTSTATUS RemoveDriveLink (int nDosDriveNo);

NTSTATUS MountManagerMount (MOUNT_STRUCT *mount);

NTSTATUS MountManagerUnmount (int nDosDriveNo);

NTSTATUS MountDevice (PDEVICE_OBJECT deviceObject, MOUNT_STRUCT *mount);

NTSTATUS UnmountDevice (UNMOUNT_STRUCT *unmountRequest, PDEVICE_OBJECT deviceObject, BOOL ignoreOpenFiles);

NTSTATUS UnmountAllDevices (UNMOUNT_STRUCT *unmountRequest, BOOL ignoreOpenFiles);

NTSTATUS SymbolicLinkToTarget (PWSTR symlinkName, PWSTR targetName, USHORT maxTargetNameLength);

BOOL RootDeviceControlMutexAcquireNoWait ();

void RootDeviceControlMutexRelease ();

BOOL RegionsOverlap (unsigned __int64 start1, unsigned __int64 end1, unsigned __int64 start2, unsigned __int64 end2);

void GetIntersection (uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength);

NTSTATUS TCCompleteIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);

NTSTATUS TCCompleteDiskIrp (PIRP irp, NTSTATUS status, ULONG_PTR information);

NTSTATUS ProbeRealDriveSize (PDEVICE_OBJECT driveDeviceObject, LARGE_INTEGER *driveSize);

BOOL UserCanAccessDriveDevice ();

size_t GetCpuCount (WORD* pGroupCount);

USHORT GetCpuGroup (size_t index);

void SetThreadCpuGroupAffinity (USHORT index);

void EnsureNullTerminatedString (wchar_t *str, size_t maxSizeInBytes);

void *AllocateMemoryWithTimeout (size_t size, int retryDelay, int timeout);

BOOL IsDriveLetterAvailable (int nDosDriveNo, DeviceNamespaceType namespaceType);

NTSTATUS TCReadRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, PKEY_VALUE_PARTIAL_INFORMATION *keyData);

NTSTATUS TCWriteRegistryKey (PUNICODE_STRING keyPath, wchar_t *keyValueName, ULONG keyValueType, void *valueData, ULONG valueSize);

BOOL IsVolumeClassFilterRegistered ();

NTSTATUS ReadRegistryConfigFlags (BOOL driverEntry);

NTSTATUS WriteRegistryConfigFlags (uint32 flags);

BOOL ValidateIOBufferSize (PIRP irp, size_t requiredBufferSize, ValidateIOBufferSizeType type);

NTSTATUS GetDeviceSectorSize (PDEVICE_OBJECT deviceObject, ULONG *bytesPerSector);

NTSTATUS ZeroUnreadableSectors (PDEVICE_OBJECT deviceObject, LARGE_INTEGER startOffset, ULONG size, uint64 *zeroedSectorCount);

BOOL IsVolumeAccessibleByCurrentUser (PEXTENSION volumeDeviceExtension);

void GetElapsedTimeInit (LARGE_INTEGER *lastPerfCounter);

int64 GetElapsedTime (LARGE_INTEGER *lastPerfCounter);

BOOL IsOSAtLeast (OSVersionEnum reqMinOS);

PDEVICE_OBJECT GetVirtualVolumeDeviceObject (int driveNumber);

void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed);

#define TC_BUG_CHECK(status) KeBugCheckEx (SECURITY_SYSTEM, __LINE__, (ULONG_PTR) status, 0, 'VC')

#endif // TC_HEADER_NTDRIVER

/* when mounting with hidden volume protection, we cache the passwords after both outer and hidden volumes are mounted successfully*/

BOOL bAutoCachePassword = mount->bProtectHiddenVolume? FALSE : mount->bCache;

Extension->pfoDeviceFile = NULL;

Extension->hDeviceFile = NULL;

Extension->bTimeStampValid = FALSE;

/* default value for storage alignment */

Extension->HostMaximumTransferLength = 65536;

Extension->HostMaximumPhysicalPages = 17;

Extension->HostAlignmentMask = 0;

/* default values for non-SSD drives */

Extension->IncursSeekPenalty = TRUE;

Extension->TrimEnabled = FALSE;

Extension->DeviceNumber = (ULONG) -1;

RtlInitUnicodeString (&FullFileName, pwszMountVolume);

InitializeObjectAttributes (&oaFileAttributes, &FullFileName, OBJ_CASE_INSENSITIVE | (forceAccessCheck ? OBJ_FORCE_ACCESS_CHECK : 0) | OBJ_KERNEL_HANDLE, NULL, NULL);

KeInitializeEvent (&Extension->keVolumeEvent, NotificationEvent, FALSE);

if (Extension->SecurityClientContextValid)

{

ntStatus = SeImpersonateClientEx (&Extension->SecurityClientContext, NULL);

if (!NT_SUCCESS (ntStatus))

goto error;

}

mount->VolumeMountedReadOnlyAfterDeviceWriteProtected = FALSE;

// If we are opening a device, query its size first

if (bRawDevice)

{

PARTITION_INFORMATION pi;

PARTITION_INFORMATION_EX pix;

LARGE_INTEGER diskLengthInfo;

DISK_GEOMETRY_EX dg;

STORAGE_PROPERTY_QUERY storagePropertyQuery = {0};

STORAGE_DEVICE_NUMBER storageDeviceNumber;

ntStatus = IoGetDeviceObjectPointer (&FullFileName,

FILE_READ_DATA | FILE_READ_ATTRIBUTES,

&Extension->pfoDeviceFile,

&Extension->pFsdDevice);

if (!NT_SUCCESS (ntStatus))

goto error;

dgBuffer = TCalloc (256);

if (!dgBuffer)

{

ntStatus = STATUS_INSUFFICIENT_RESOURCES;

goto error;

}

ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY_EX, (char *) dgBuffer, 256);

if (!NT_SUCCESS (ntStatus))

{

DISK_GEOMETRY geo;

ntStatus = TCSendHostDeviceIoControlRequest (DeviceObject, Extension, IOCTL_DISK_GET_DRIVE_GEOMETRY, (char *) &geo, sizeof (geo));

if (!NT_SUCCESS (ntStatus))

{

TCfree (dgBuffer);

goto error;

}

memset (&dg, 0, sizeof (dg));

memcpy (&dg.Geometry, &geo, sizeof (geo));

dg.DiskSize.QuadPart = geo.Cylinders.QuadPart * geo.SectorsPerTrack * geo.TracksPerCylinder * geo.BytesPerSector;

mount->bCachePim,

readBuffer,

&mount->VolumePassword,

mount->pkcs5_prf,

mount->VolumePim,

&Extension->cryptoInfo);

}

ReadVolumeHeaderRecoveryMode = FALSE;

if (mount->nReturnCode == 0 || mount->nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)

{

/* Volume header successfully decrypted */

if (!Extension->cryptoInfo)

{

/* should never happen */

mount->nReturnCode = ERR_OUTOFMEMORY;

ntStatus = STATUS_SUCCESS;

goto error;

}

#ifdef _WIN64

if (IsRamEncryptionEnabled() && (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume))

VcProtectKeys (Extension->cryptoInfo, VcGetEncryptionID (Extension->cryptoInfo));

#endif

Dump ("Volume header decrypted\n");

Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion);

Dump ("Legacy volume = %d\n", (int) Extension->cryptoInfo->LegacyVolume);

if (IsHiddenSystemRunning() && !Extension->cryptoInfo->hiddenVolume)

{

Extension->bReadOnly = mount->bMountReadOnly = TRUE;

HiddenSysLeakProtectionCount++;

}

Extension->cryptoInfo->bProtectHiddenVolume = FALSE;

Extension->cryptoInfo->bHiddenVolProtectionAction = FALSE;

Extension->cryptoInfo->bPartitionInInactiveSysEncScope = mount->bPartitionInInactiveSysEncScope;

/* compute the ID of this volume: SHA-256 of the effective header */

sha256 (Extension->volumeID, readBuffer, TC_VOLUME_HEADER_EFFECTIVE_SIZE);

if (volumeType == TC_VOLUME_TYPE_NORMAL)

{

if (mount->bPartitionInInactiveSysEncScope)

{

if (Extension->cryptoInfo->EncryptedAreaStart.Value > (unsigned __int64) partitionStartingOffset

|| Extension->cryptoInfo->EncryptedAreaStart.Value + Extension->cryptoInfo->VolumeSize.Value <= (unsigned __int64) partitionStartingOffset)

{

// The partition is not within the key scope of system encryption

mount->nReturnCode = ERR_PASSWORD_WRONG;

ntStatus = STATUS_SUCCESS;

goto error;

}

if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value)

{

}

}

else if (Extension->cryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC)

{

if (Extension->cryptoInfo->EncryptedAreaLength.Value != Extension->cryptoInfo->VolumeSize.Value)

{

// Non-system in-place encryption process has not been completed on this volume

mount->nReturnCode = ERR_NONSYS_INPLACE_ENC_INCOMPLETE;

ntStatus = STATUS_SUCCESS;

goto error;

}

}

}

Extension->cryptoInfo->FirstDataUnitNo.Value = 0;

if (Extension->cryptoInfo->hiddenVolume && IsHiddenSystemRunning())

{

// Prevent mount of a hidden system partition if the system hosted on it is currently running

if (memcmp (Extension->cryptoInfo->master_keydata_hash, GetSystemDriveCryptoInfo()->master_keydata_hash, sizeof(Extension->cryptoInfo->master_keydata_hash)) == 0)

{

mount->nReturnCode = ERR_VOL_ALREADY_MOUNTED;

ntStatus = STATUS_SUCCESS;

goto error;

}

}

switch (volumeType)

{

case TC_VOLUME_TYPE_NORMAL:

break;

}

Dump ("Volume data offset = %I64d\n", Extension->cryptoInfo->volDataAreaOffset);

Dump ("Volume data size = %I64d\n", Extension->DiskLength);

Dump ("Volume data end = %I64d\n", Extension->cryptoInfo->volDataAreaOffset + Extension->DiskLength - 1);

if (Extension->DiskLength == 0)

{

Dump ("Incorrect volume size\n");

continue;

}

// If this is a hidden volume, make sure we are supposed to actually

// mount it (i.e. not just to protect it)

if (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume)

{

// Validate sector size

if (bRawDevice && Extension->cryptoInfo->SectorSize != Extension->HostBytesPerSector)

{

mount->nReturnCode = ERR_PARAMETER_INCORRECT;

ntStatus = STATUS_SUCCESS;

goto error;

}

// Calculate virtual volume geometry

Extension->TracksPerCylinder = 1;

Extension->SectorsPerTrack = 1;

Extension->BytesPerSector = Extension->cryptoInfo->SectorSize;

Extension->PartitionType = 0;

Extension->bRawDevice = bRawDevice;

memset (Extension->wszVolume, 0, sizeof (Extension->wszVolume));

if ((wcslen (pwszMountVolume) > 8) && (0 == memcmp (pwszMountVolume, WIDE ("\\??\\UNC\\"), 8 * sizeof (WCHAR))))

{

/* UNC path */

RtlStringCbPrintfW (Extension->wszVolume,

sizeof (Extension->wszVolume),

WIDE ("\\??\\\\%s"),

pwszMountVolume + 7);

}

else

{

RtlStringCbCopyW (Extension->wszVolume, sizeof(Extension->wszVolume),pwszMountVolume);

}

memset (Extension->wszLabel, 0, sizeof (Extension->wszLabel));

RtlStringCbCopyW (Extension->wszLabel, sizeof(Extension->wszLabel), mount->wszLabel);

}

// If we are to protect a hidden volume we cannot exit yet, for we must also

// decrypt the hidden volume header.

if (!(volumeType == TC_VOLUME_TYPE_NORMAL && mount->bProtectHiddenVolume))

{

/* in case of mounting with hidden volume protection, we cache both passwords manually after bother outer and hidden volumes are mounted*/

if (mount->bProtectHiddenVolume && mount->bCache)

{

AddPasswordToCache(&mount->VolumePassword, mount->VolumePim, mount->bCachePim);

<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">

<ItemGroup Label="ProjectConfigurations">

<ProjectConfiguration Include="Debug|ARM64">

<Configuration>Debug</Configuration>

<Platform>ARM64</Platform>

</ProjectConfiguration>

<ProjectConfiguration Include="Debug|Win32">

<Configuration>Debug</Configuration>

<Platform>Win32</Platform>

</ProjectConfiguration>

<ProjectConfiguration Include="Debug|x64">

<Configuration>Debug</Configuration>

<Platform>x64</Platform>

</ProjectConfiguration>

<ProjectConfiguration Include="Release|ARM64">

<Configuration>Release</Configuration>

<Platform>ARM64</Platform>

</ProjectConfiguration>

<ProjectConfiguration Include="Release|Win32">

<Configuration>Release</Configuration>

<Platform>Win32</Platform>

</ProjectConfiguration>

<ProjectConfiguration Include="Release|x64">

<Configuration>Release</Configuration>

<Platform>x64</Platform>

</ProjectConfiguration>

</ItemGroup>

<ItemGroup>

<ClCompile Include="..\Common\Cache.c" />

<ClCompile Include="..\Common\Crc.c" />

<ClCompile Include="..\Common\EncryptionThreadPool.c" />

<ClCompile Include="..\Common\Endian.c" />

<ClCompile Include="..\Common\GfMul.c" />

<ClCompile Include="..\Common\Pkcs5.c" />

<ClCompile Include="..\Common\Tests.c" />

<ClCompile Include="..\Common\Volumes.c" />

<ClCompile Include="..\Common\Wipe.c" />

<ClCompile Include="..\Common\Xts.c" />

<ClCompile Include="..\Crypto\Aeskey.c" />

<ClCompile Include="..\Crypto\Aestab.c" />

<ClCompile Include="..\Crypto\blake2s.c" />

<ClCompile Include="..\Crypto\blake2s_SSE2.c" />

<ClCompile Include="..\Crypto\blake2s_SSE41.c" />

<ClCompile Include="..\Crypto\blake2s_SSSE3.c" />

<ClCompile Include="..\Crypto\Camellia.c" />

<ClCompile Include="..\Crypto\chacha-xmm.c" />

<ClCompile Include="..\Crypto\chacha256.c" />

<ClCompile Include="..\Crypto\chachaRng.c" />

<ClCompile Include="..\Crypto\cpu.c" />

<ClCompile Include="..\Crypto\jitterentropy-base.c" />

<ClCompile Include="..\Crypto\kuznyechik.c" />

<ClCompile Include="..\Crypto\kuznyechik_simd.c">

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</ClCompile>

<ClCompile Include="..\Crypto\rdrand.c">

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</ClCompile>

<ClCompile Include="..\Crypto\SerpentFast.c" />

<ClCompile Include="..\Crypto\SerpentFast_simd.cpp">

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</ClCompile>

<ClCompile Include="..\Crypto\Streebog.c" />

<ClCompile Include="..\Crypto\t1ha2.c" />

<ClCompile Include="..\Crypto\t1ha2_selfcheck.c" />

<ClCompile Include="..\Crypto\t1ha_selfcheck.c" />

<ClCompile Include="..\Crypto\Twofish.c" />

<ClCompile Include="..\Crypto\Whirlpool.c" />

<ClCompile Include="Ntdriver.c" />

<ClCompile Include="VolumeFilter.c" />

<ClCompile Include="DriveFilter.c" />

<ClCompile Include="DumpFilter.c" />

<ClCompile Include="EncryptedIoQueue.c" />

<ClCompile Include="Ntvol.c" />

</ItemGroup>

<PropertyGroup Label="Globals">

<ProjectGuid>{4B41C7B5-75C6-40A2-AF4D-55BC1E012BCD}</ProjectGuid>

<TemplateGuid>{f2f62967-0815-4fd7-9b86-6eedcac766eb}</TemplateGuid>

<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>

<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>

<Configuration>Debug</Configuration>

<Platform Condition="'$(Platform)' == ''">Win32</Platform>

<RootNamespace>veracrypt</RootNamespace>

<WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>

<ProjectName>driver</ProjectName>

</PropertyGroup>

<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">

<TargetVersion>Windows10</TargetVersion>

<UseDebugLibraries>true</UseDebugLibraries>

<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>

<ConfigurationType>Driver</ConfigurationType>

<SupportsPackaging>false</SupportsPackaging>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">

<TargetVersion>Windows10</TargetVersion>

<UseDebugLibraries>false</UseDebugLibraries>

<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>

<ConfigurationType>Driver</ConfigurationType>

<DriverType>WDM</DriverType>

<_NT_TARGET_VERSION>0x0A00</_NT_TARGET_VERSION>

<SupportsPackaging>false</SupportsPackaging>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">

<TargetVersion>Windows10</TargetVersion>

<UseDebugLibraries>false</UseDebugLibraries>

<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>

<ConfigurationType>Driver</ConfigurationType>

<DriverType>WDM</DriverType>

<_NT_TARGET_VERSION>0x0A00</_NT_TARGET_VERSION>

<SupportsPackaging>false</SupportsPackaging>

</PropertyGroup>

<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />

<ImportGroup Label="ExtensionSettings">

</ImportGroup>

<ImportGroup Label="PropertySheets">

<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />

</ImportGroup>

<PropertyGroup Label="UserMacros" />

<PropertyGroup />

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

<TargetName>veracrypt</TargetName>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">

<TargetName>veracrypt</TargetName>

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">

<TargetName>veracrypt</TargetName>

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

<OutDir>$(ProjectDir)$(Platform)\$(ConfigurationName)\</OutDir>

<TargetName>veracrypt</TargetName>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">

<TargetName>veracrypt</TargetName>

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

</PropertyGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">

<TargetName>veracrypt</TargetName>

<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>

</PropertyGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;DEBUG;_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

<Command>copy $(TargetPath) "..\Debug\Setup Files\VeraCrypt-arm64.sys"</Command>

</PostBuildEvent>

<Inf>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;DEBUG;_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

</PostBuildEvent>

<Inf>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;DEBUG;_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

</PostBuildEvent>

<Inf>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

<Command>copy $(TargetPath) "..\Release\Setup Files\VeraCrypt-arm64.sys"</Command>

</PostBuildEvent>

<Inf>

<SpecifyArchitecture>true</SpecifyArchitecture>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

</PostBuildEvent>

<Inf>

<SpecifyArchitecture>true</SpecifyArchitecture>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">

<Link>

<AdditionalDependencies>fltmgr.lib;%(AdditionalDependencies)</AdditionalDependencies>

<OutputFile>$(OutDir)$(TargetName)$(TargetExt)</OutputFile>

</Link>

<ClCompile>

<AdditionalIncludeDirectories>$(SolutionDir)Common;$(SolutionDir)Crypto;$(SolutionDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

<PreprocessorDefinitions>TC_WINDOWS_DRIVER;_WIN32;_NO_CRT_STDIO_INLINE;%(PreprocessorDefinitions)</PreprocessorDefinitions>

<DisableSpecificWarnings>4064;4627;4627;4366;4100;4057;4457;4456;4152;4213;4244;4127;4706;%(DisableSpecificWarnings)</DisableSpecificWarnings>

</ClCompile>

<PostBuildEvent>

</PostBuildEvent>

<Inf>

<SpecifyArchitecture>true</SpecifyArchitecture>

<SpecifyDriverVerDirectiveVersion>false</SpecifyDriverVerDirectiveVersion>

</Inf>

</ItemDefinitionGroup>

<ItemGroup>

<FilesToPackage Include="$(TargetPath)" />

</ItemGroup>

<ItemGroup>

<ClInclude Include="..\Crypto\Aes.h" />

<ClInclude Include="..\Crypto\Aesopt.h" />

<ClInclude Include="..\Crypto\AesSmall.h" />

<ClInclude Include="..\Crypto\Aestab.h" />

<ClInclude Include="..\Crypto\Aes_hw_cpu.h" />

<ClInclude Include="..\Crypto\Camellia.h" />

<ClInclude Include="..\Crypto\chacha256.h" />

<ClInclude Include="..\Crypto\chachaRng.h" />

<ClInclude Include="..\Crypto\chacha_u1.h" />

<ClInclude Include="..\Crypto\chacha_u4.h" />

<ClInclude Include="..\Crypto\config.h" />

<ClInclude Include="..\Crypto\cpu.h" />

<ClInclude Include="..\Crypto\GostCipher.h" />

<ClInclude Include="..\Crypto\jitterentropy-base-user.h" />

<ClInclude Include="..\Crypto\jitterentropy.h" />

<ClInclude Include="..\Crypto\kuznyechik.h" />

<ClInclude Include="..\Crypto\misc.h" />

<ClInclude Include="..\Crypto\rdrand.h" />

<ClInclude Include="..\Crypto\Rmd160.h" />

<ClInclude Include="..\Crypto\SerpentFast.h" />

<ClInclude Include="..\Crypto\SerpentFast_sbox.h" />

<ClInclude Include="..\Crypto\Sha2.h" />

<ClInclude Include="..\Crypto\Streebog.h" />

<ClInclude Include="..\Crypto\t1ha.h" />

<ClInclude Include="..\Crypto\t1ha_bits.h" />

<ClInclude Include="..\Crypto\t1ha_selfcheck.h" />

<ClInclude Include="..\Crypto\Twofish.h" />

<ClInclude Include="..\Crypto\Whirlpool.h" />

<ClInclude Include="DriveFilter.h" />

<ClInclude Include="DumpFilter.h" />

<ClInclude Include="EncryptedIoQueue.h" />

<ClInclude Include="Ntdriver.h" />

<ClInclude Include="Ntvol.h" />

<ClInclude Include="Resource.h" />

<ClInclude Include="VolumeFilter.h" />

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Aes_hw_cpu.asm">

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win64 -Ox -g -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win64 -Ox -g -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Aes_x64.asm">

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Aes_x86.asm">

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win32 -Ox -g --prefix _ -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win32 -Ox -g --prefix _ -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win32 -Ox -g --prefix _ -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|x64'">echo %(Filename)%(Extension) &amp; nasm.exe -Xvc -f win32 -Ox -g --prefix _ -o "$(TargetDir)\%(Filename).obj" "%(FullPath)"

</Command>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Twofish_x64.S">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Camellia_aesni_x64.S">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Camellia_x64.S">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha256-x86-nayuki.S">

<FileType>Document</FileType>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha256_avx1_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha256_avx2_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha256_sse4_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha512-x86-nayuki.S">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">false</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha512-x64-nayuki.S">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha512_avx1_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha512_avx2_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\sha512_sse4_x64.asm">

<FileType>Document</FileType>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\rdrand_ml.asm">

<FileType>Document</FileType>

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|x64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\rdseed_ml.asm">

<FileType>Document</FileType>

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Command Condition="'$(Configuration)|$(Platform)'=='Release|x64'">echo %(Filename)%(Extension) &amp; ml64.exe /nologo /D_M_X64 /W3 /Cx /Zi /Fo "$(TargetDir)\%(Filename).obj" /c "%(FullPath)"

</Command>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<Outputs Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(TargetDir)\%(Filename).obj;%(Outputs)</Outputs>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>

<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>

</CustomBuild>

</ItemGroup>

<ItemGroup>

<ResourceCompile Include="Driver.rc" />

</ItemGroup>

<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />

<ImportGroup Label="ExtensionTargets">

</ImportGroup>

</Project> \ No newline at end of file

<ClInclude Include="..\Crypto\SerpentFast.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\SerpentFast_sbox.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\Sha2.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\Streebog.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\t1ha.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\t1ha_bits.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\t1ha_selfcheck.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\Twofish.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\Whirlpool.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

<ClInclude Include="..\Crypto\AesSmall.h">

<Filter>Crypto\Header Files</Filter>

</ClInclude>

</ItemGroup>

<ItemGroup>

<CustomBuild Include="..\Crypto\Aes_hw_cpu.asm">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\Aes_x64.asm">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\Aes_x86.asm">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\Twofish_x64.S">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\Camellia_aesni_x64.S">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\Camellia_x64.S">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\sha256-x86-nayuki.S">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\sha256_avx1_x64.asm">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\sha256_avx2_x64.asm">

<Filter>Crypto\Source Files</Filter>

</CustomBuild>

<CustomBuild Include="..\Crypto\sha256_sse4_x64.asm">