VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/ExpandVolume/ExpandVolume.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/ExpandVolume/ExpandVolume.c')
-rw-r--r--src/ExpandVolume/ExpandVolume.c64
1 files changed, 35 insertions, 29 deletions
diff --git a/src/ExpandVolume/ExpandVolume.c b/src/ExpandVolume/ExpandVolume.c
index 84f6cfe8..9a53bbde 100644
--- a/src/ExpandVolume/ExpandVolume.c
+++ b/src/ExpandVolume/ExpandVolume.c
@@ -9,7 +9,7 @@
or Copyright (c) 2012-2013 Josef Schneider <josef@netpage.dk>
Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2017 IDRIX
+ and all other portions of this file are Copyright (c) 2013-2025 IDRIX
and are governed by the Apache License 2.0 the full text of which is
contained in the file License.txt included in VeraCrypt binary and source
code distribution packages. */
@@ -105,7 +105,7 @@ int MountVolTemp (HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *pas
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5, pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, FALSE) < 1)
+ if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5, pim, FALSE, FALSE, TRUE, &mountOptions, FALSE, FALSE) < 1)
{
*driveNo = -3;
return ERR_VOL_MOUNT_FAILED;
@@ -390,7 +390,7 @@ int ExtendFileSystem (HWND hwndDlg , wchar_t *lpszVolume, Password *pVolumePassw
// mount and resize file system
- DebugAddProgressDlgStatus (hwndDlg, L"Mounting volume ...\r\n");
+ DebugAddProgressDlgStatus (hwndDlg, GetString("EXPANDER_MOUNTING_VOLUME"));
nStatus=MountVolTemp(hwndDlg, lpszVolume, &driveNo, pVolumePassword, VolumePkcs5, VolumePim);
if (nStatus!=ERR_SUCCESS)
@@ -442,7 +442,13 @@ int ExtendFileSystem (HWND hwndDlg , wchar_t *lpszVolume, Password *pVolumePassw
goto error;
}
- DebugAddProgressDlgStatus (hwndDlg, L"Extending file system ...\r\n");
+ if ((BytesPerSector == 0) || (BytesPerSector > (DWORD)INT_MAX))
+ {
+ nStatus = ERR_SECTOR_SIZE_INCOMPATIBLE;
+ goto error;
+ }
+
+ DebugAddProgressDlgStatus (hwndDlg, GetString("EXPANDER_EXTENDING_FILESYSTEM"));
// extend volume
nStatus = FsctlExtendVolume(szVolumeGUID, newDataAreaSize/BytesPerSector );
@@ -453,7 +459,7 @@ error:
if (driveNo>=0)
{
- DebugAddProgressDlgStatus (hwndDlg, L"Unmounting volume ...\r\n");
+ DebugAddProgressDlgStatus (hwndDlg, GetString("EXPANDER_UNMOUNTING_VOLUME"));
UnmountVolume (hwndDlg, driveNo, TRUE);
}
@@ -502,6 +508,7 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
PCRYPTO_INFO cryptoInfo = NULL, ci = NULL;
void *dev = INVALID_HANDLE_VALUE;
DWORD dwError;
+ DWORD bytesRead;
BOOL bDevice;
uint64 hostSize=0, newDataAreaSize, currentVolSize;
DWORD HostSectorSize;
@@ -511,13 +518,11 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
BOOL bTimeStampValid = FALSE;
LARGE_INTEGER headerOffset;
BOOL backupHeader;
- byte *wipeBuffer = NULL;
+ uint8 *wipeBuffer = NULL;
uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE;
-#ifdef _WIN64
CRYPTO_INFO tmpCI;
PCRYPTO_INFO cryptoInfoBackup = NULL;
BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled();
-#endif
if (pVolumePassword->Length == 0) return -1;
@@ -666,8 +671,13 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
}
/* Read in volume header */
- nStatus = _lread ((HFILE) dev, buffer, sizeof (buffer));
- if (nStatus != sizeof (buffer))
+ if (!ReadEffectiveVolumeHeader (bDevice, dev, buffer, &bytesRead))
+ {
+ nStatus = ERR_OS_ERROR;
+ goto error;
+ }
+
+ if (bytesRead != sizeof (buffer))
{
// Windows may report EOF when reading sectors from the last cluster of a device formatted as NTFS
memset (buffer, 0, sizeof (buffer));
@@ -675,22 +685,26 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
/* Try to decrypt the header */
- nStatus = ReadVolumeHeader (FALSE, buffer, pVolumePassword, VolumePkcs5, VolumePim, FALSE, &cryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer, pVolumePassword, VolumePkcs5, VolumePim, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
+ // if the volume master key is vulnerable, print a warning to inform the user
+ if ((nStatus == 0) && cryptoInfo->bVulnerableMasterKey)
+ {
+ DebugAddProgressDlgStatus(hwndDlg, GetString ("ERR_XTS_MASTERKEY_VULNERABLE_SHORT"));
+ }
+
if (nStatus != 0)
{
cryptoInfo = NULL;
goto error;
}
-#ifdef _WIN64
if (bIsRamEncryptionEnabled)
{
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
}
-#endif
if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)
{
@@ -812,7 +826,7 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
goto error;
}
- DebugAddProgressDlgStatus(hwndDlg, L"Writing random data to new space ...\r\n");
+ DebugAddProgressDlgStatus(hwndDlg, GetString ("EXPANDER_WRITING_RANDOM_DATA"));
SetFormatSectorSize(HostSectorSize);
nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, FALSE);
@@ -853,11 +867,10 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
while ( !cryptoInfo->LegacyVolume )
{
if (backupHeader)
- DebugAddProgressDlgStatus(hwndDlg, L"Writing re-encrypted backup header ...\r\n");
+ DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WRITING_ENCRYPTED_BACKUP"));
else
- DebugAddProgressDlgStatus(hwndDlg, L"Writing re-encrypted primary header ...\r\n");
+ DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WRITING_ENCRYPTED_PRIMARY"));
-#ifdef _WIN64
if (bIsRamEncryptionEnabled)
{
VirtualLock (&tmpCI, sizeof (CRYPTO_INFO));
@@ -866,7 +879,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI;
}
-#endif
// Prepare new volume header
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
@@ -887,14 +899,12 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfo->SectorSize,
FALSE ); // use slow poll
-#ifdef _WIN64
if (bIsRamEncryptionEnabled)
{
cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO));
}
-#endif
if (ci != NULL)
crypto_close (ci);
@@ -927,7 +937,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
PCRYPTO_INFO dummyInfo = NULL;
LARGE_INTEGER hiddenOffset;
-#ifdef _WIN64
if (bIsRamEncryptionEnabled)
{
VirtualLock (&tmpCI, sizeof (CRYPTO_INFO));
@@ -936,17 +945,14 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI;
}
-#endif
nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader);
-#ifdef _WIN64
if (bIsRamEncryptionEnabled)
{
cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO));
}
-#endif
if (nStatus != ERR_SUCCESS)
goto error;
@@ -1011,9 +1017,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
/* wipe old backup header */
if ( !cryptoInfo->LegacyVolume )
{
- byte wipeRandChars [TC_WIPE_RAND_CHAR_COUNT];
- byte wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT];
- byte wipePass;
+ uint8 wipeRandChars [TC_WIPE_RAND_CHAR_COUNT];
+ uint8 wipeRandCharsUpdate [TC_WIPE_RAND_CHAR_COUNT];
+ uint8 wipePass;
UINT64_STRUCT unitNo;
LARGE_INTEGER offset;
WipeAlgorithmId wipeAlgorithm = TC_WIPE_35_GUTMANN;
@@ -1026,9 +1032,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
goto error;
}
- DebugAddProgressDlgStatus(hwndDlg, L"Wiping old backup header ...\r\n");
+ DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WIPING_OLD_HEADER"));
- wipeBuffer = (byte *) TCalloc (workChunkSize);
+ wipeBuffer = (uint8 *) TCalloc (workChunkSize);
if (!wipeBuffer)
{
nStatus = ERR_OUTOFMEMORY;