diff options
Diffstat (limited to 'src/Mount/Mount.c')
| -rw-r--r-- | src/Mount/Mount.c | 235 |
1 files changed, 160 insertions, 75 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 62ac5e0f..f725d32b 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -121,6 +121,10 @@ BOOL ComServerMode = FALSE; BOOL ServiceMode = FALSE; BOOL UsePreferences = TRUE; +BOOL bSystemIsGPT = FALSE; +wchar_t szDefaultRescueDiskName[TC_MAX_PATH+1]; +wchar_t szRescueDiskExtension[4]; + int HiddenSysLeakProtectionNotificationStatus = TC_HIDDEN_OS_READ_ONLY_NOTIF_MODE_NONE; int MaxVolumeIdleTime = -120; int nCurrentShowType = 0; /* current display mode, mount, unmount etc */ @@ -129,7 +133,6 @@ int nSelectedDriveIndex = -1; /* Item number of selected drive */ int cmdUnmountDrive = -2; /* Volume drive letter to unmount (-1 = all) */ Password VolumePassword; /* Password used for mounting volumes */ Password CmdVolumePassword; /* Password passed from command line */ -char CmdTokenPin [SecurityToken::MaxPasswordLength + 1] = {0}; int VolumePkcs5 = 0; int CmdVolumePkcs5 = 0; int VolumePim = -1; @@ -238,7 +241,6 @@ static void localcleanup (void) burn (&mountOptions, sizeof (mountOptions)); burn (&defaultMountOptions, sizeof (defaultMountOptions)); burn (szFileName, sizeof(szFileName)); - burn (&CmdTokenPin, sizeof (CmdTokenPin)); /* Cleanup common code resources */ cleanup (); @@ -348,6 +350,14 @@ static void InitMainDialog (HWND hwndDlg) SetMenuItemInfoW (GetMenu (hwndDlg), i, TRUE, &info); } + { + // disable hidden OS creation for GPT system encryption + if (bSystemIsGPT) + { + EnableMenuItem (GetMenu (hwndDlg), IDM_CREATE_HIDDEN_OS, MF_GRAYED); + } + } + // Disable menu item for changing system header key derivation algorithm until it's implemented EnableMenuItem (GetMenu (hwndDlg), IDM_CHANGE_SYS_HEADER_KEY_DERIV_ALGO, MF_GRAYED); @@ -1083,9 +1093,11 @@ unsigned __int64 GetSysEncDeviceEncryptedPartSize (BOOL bSilent) static void PopulateSysEncContextMenu (HMENU popup, BOOL bToolsOnly) { + SystemDriveConfiguration config; try { BootEncStatus = BootEncObj->GetStatus(); + config = BootEncObj->GetSystemDriveConfiguration(); } catch (Exception &e) { @@ -1316,7 +1328,7 @@ BOOL SelectItem (HWND hTree, wchar_t nLetter) } -static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg) +static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg, BOOL bElevation) { wchar_t t[TC_MAX_PATH + 1024] = {L'"',0}; wchar_t *tmp; @@ -1350,21 +1362,30 @@ static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg) if (!FileExists(t)) Error ("VOL_CREATION_WIZARD_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do - - if (wcslen (arg) > 0) - { - StringCbCatW (t, sizeof(t), L" "); - StringCbCatW (t, sizeof(t), arg); - } - - if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi)) - { - handleWin32Error (hwndDlg, SRC_POS); - } else { - CloseHandle (pi.hProcess); - CloseHandle (pi.hThread); + + if (bElevation && !IsAdmin() && IsUacSupported()) + { + LaunchElevatedProcess (hwndDlg, t, arg); + } + else + { + if (wcslen (arg) > 0) + { + StringCbCatW (t, sizeof(t), L" "); + StringCbCatW (t, sizeof(t), arg); + } + if (!CreateProcess (NULL, (LPWSTR) t, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi)) + { + handleWin32Error (hwndDlg, SRC_POS); + } + else + { + CloseHandle (pi.hProcess); + CloseHandle (pi.hThread); + } + } } } } @@ -2428,10 +2449,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR case IDC_PKCS5_PRF_ID: if (bSysEncPwdChangeDlgMode) { - int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, + int new_hash_algo_id = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - if (new_hash_algo_id != 0 && !HashForSystemEncryption(new_hash_algo_id)) + if (new_hash_algo_id != 0 && !bSystemIsGPT && !HashForSystemEncryption(new_hash_algo_id)) { int new_hash_algo_id = DEFAULT_HASH_ALGORITHM_BOOT; Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", hwndDlg); @@ -2765,7 +2786,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) { - if (HashForSystemEncryption(i)) + if (bSystemIsGPT || HashForSystemEncryption(i)) { nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); @@ -5471,16 +5492,18 @@ static void ChangeSysEncPassword (HWND hwndDlg, BOOL bOnlyChangeKDF) // Initiates or resumes encryption of the system partition/drive static void EncryptSystemDevice (HWND hwndDlg) { + SystemDriveConfiguration config; try { BootEncStatus = BootEncObj->GetStatus(); + config = BootEncObj->GetSystemDriveConfiguration (); } catch (Exception &e) { e.Show (MainDlg); } - if (!BootEncStatus.DriveEncrypted + if (!BootEncStatus.DriveEncrypted && !BootEncStatus.DriveMounted && !SysEncryptionOrDecryptionRequired ()) { @@ -5488,7 +5511,7 @@ static void EncryptSystemDevice (HWND hwndDlg) if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption { - LaunchVolCreationWizard (hwndDlg, L"/sysenc"); + LaunchVolCreationWizard (hwndDlg, L"/sysenc", FALSE); } else Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); @@ -5502,7 +5525,7 @@ static void EncryptSystemDevice (HWND hwndDlg) if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption { - LaunchVolCreationWizard (hwndDlg, L"/sysenc"); + LaunchVolCreationWizard (hwndDlg, L"/sysenc",FALSE); } else Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); @@ -5518,9 +5541,11 @@ static void EncryptSystemDevice (HWND hwndDlg) // Initiates decryption of the system partition/drive static void DecryptSystemDevice (HWND hwndDlg) { + SystemDriveConfiguration config; try { BootEncStatus = BootEncObj->GetStatus(); + config = BootEncObj->GetSystemDriveConfiguration (); } catch (Exception &e) { @@ -5581,8 +5606,8 @@ static void DecryptSystemDevice (HWND hwndDlg) return; } - CloseSysEncMutex (); - LaunchVolCreationWizard (hwndDlg, L"/dsysenc"); + CloseSysEncMutex (); + LaunchVolCreationWizard (hwndDlg, L"/dsysenc", FALSE); } else Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); @@ -5597,7 +5622,7 @@ static void CreateHiddenOS (HWND hwndDlg) // such information, but will exit (displaying only an error meessage). Info("HIDDEN_OS_PREINFO", hwndDlg); - LaunchVolCreationWizard (hwndDlg, L"/isysenc"); + LaunchVolCreationWizard (hwndDlg, L"/isysenc", FALSE); } static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection, BOOL bUseDriveListSel) @@ -5708,7 +5733,7 @@ static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection, if (AskWarnNoYes ("CONFIRM_DECRYPT_NON_SYS_DEVICE_CAUTION", hwndDlg) == IDNO) return; - LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str ()); + LaunchVolCreationWizard (hwndDlg, (wstring (L"/inplacedec \"") + scPath + L"\"").c_str (), FALSE); } // Blindly attempts (without any checks) to instruct the wizard to resume whatever system encryption process @@ -5717,7 +5742,17 @@ static void ResumeInterruptedSysEncProcess (HWND hwndDlg) { if (!MutexExistsOnSystem (TC_MUTEX_NAME_SYSENC)) // If no instance of the wizard is currently taking care of system encryption { - LaunchVolCreationWizard (MainDlg, L"/csysenc"); + SystemDriveConfiguration config; + try + { + config = BootEncObj->GetSystemDriveConfiguration (); + } + catch (Exception &e) + { + e.Show (MainDlg); + } + + LaunchVolCreationWizard (MainDlg, L"/csysenc", FALSE); } else Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); @@ -5772,7 +5807,7 @@ void CreateRescueDisk (HWND hwndDlg) wchar_t initialDir[MAX_PATH]; SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); - if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) + if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, TRUE, NULL, szDefaultRescueDiskName, szRescueDiskExtension)) { CloseSysEncMutex (); return; @@ -5781,17 +5816,25 @@ void CreateRescueDisk (HWND hwndDlg) WaitCursor(); BootEncObj->CreateRescueIsoImage (false, szRescueDiskISO); - StringCbPrintfW (szTmp, sizeof szTmp, - GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"), - szRescueDiskISO); - - if (IsWindowsIsoBurnerAvailable()) + if (bSystemIsGPT) { - if (AskYesNoString (szTmp, hwndDlg) == IDYES) - LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO); + StringCbPrintfW (szTmp, sizeof szTmp, GetString ("RESCUE_DISK_EFI_NON_WIZARD_CREATION"), szRescueDiskISO); + InfoDirect (szTmp, hwndDlg); } else - InfoDirect (szTmp, hwndDlg); + { + StringCbPrintfW (szTmp, sizeof szTmp, + GetString (IsWindowsIsoBurnerAvailable() ? "RESCUE_DISK_NON_WIZARD_CREATION_WIN_ISOBURN" : "RESCUE_DISK_NON_WIZARD_CREATION_BURN"), + szRescueDiskISO); + + if (IsWindowsIsoBurnerAvailable()) + { + if (AskYesNoString (szTmp, hwndDlg) == IDYES) + LaunchWindowsIsoBurner (MainDlg, szRescueDiskISO); + } + else + InfoDirect (szTmp, hwndDlg); + } } catch (Exception &e) { @@ -5806,7 +5849,7 @@ void CreateRescueDisk (HWND hwndDlg) Warning ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", hwndDlg); } -static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) +static void VerifyRescueDisk (HWND hwndDlg, bool checkImageFile) { try { @@ -5837,7 +5880,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) { try { - if (!checkIsoFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK)) + if (!checkImageFile && (AskOkCancel ("RESCUE_DISK_NON_WIZARD_CHECK_INSERT", hwndDlg) != IDOK)) { CloseSysEncMutex (); return; @@ -5847,20 +5890,20 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) BootEncObj->CreateRescueIsoImage (false, L""); - if (checkIsoFile) + if (checkImageFile) { - wchar_t szRescueDiskISO [TC_MAX_PATH+1]; + wchar_t szRescueDiskImage [TC_MAX_PATH+1]; wchar_t initialDir[MAX_PATH]; SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, initialDir); - if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskISO, FALSE, FALSE, NULL, L"VeraCrypt Rescue Disk.iso", L"iso")) + if (!BrowseFilesInDir (hwndDlg, "OPEN_TITLE", initialDir, szRescueDiskImage, FALSE, FALSE, NULL,szDefaultRescueDiskName, szRescueDiskExtension)) { CloseSysEncMutex (); return; } WaitCursor(); - if (!BootEncObj->VerifyRescueDiskIsoImage (szRescueDiskISO)) + if (!BootEncObj->VerifyRescueDiskImage (szRescueDiskImage)) Error ("RESCUE_DISK_ISO_IMAGE_CHECK_FAILED", hwndDlg); else Info ("RESCUE_DISK_ISO_IMAGE_CHECK_PASSED", hwndDlg); @@ -5869,7 +5912,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) { WaitCursor(); if (!BootEncObj->VerifyRescueDisk ()) - Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); else Info ("RESCUE_DISK_NON_WIZARD_CHECK_PASSED", hwndDlg); } @@ -5877,7 +5920,7 @@ static void VerifyRescueDisk (HWND hwndDlg, bool checkIsoFile) catch (Exception &e) { e.Show (MainDlg); - Error ("RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); + Error (bSystemIsGPT? "RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED" : "RESCUE_DISK_NON_WIZARD_CHECK_FAILED", hwndDlg); } CloseSysEncMutex (); @@ -5938,7 +5981,7 @@ static void ResumeInterruptedNonSysInplaceEncProcess (BOOL bDecrypt) // IMPORTANT: This function must not check any config files! Otherwise, if a config file was lost or corrupt, // the user would not be able resume encryption and the data on the volume would be inaccessible. - LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace"); + LaunchVolCreationWizard (MainDlg, bDecrypt? L"/resumeinplacedec" : L"/zinplace", FALSE); } BOOL SelectContainer (HWND hwndDlg) @@ -5991,8 +6034,9 @@ static void WipeCache (HWND hwndDlg, BOOL silent) static void Benchmark (HWND hwndDlg) { + DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg, - (DLGPROC) BenchmarkDlgProc, (LPARAM) NULL); + (DLGPROC) BenchmarkDlgProc, (LPARAM) bSystemIsGPT); } @@ -6389,12 +6433,21 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa BootEncObj->SetParentWindow (hwndDlg); BootEncStatus = BootEncObj->GetStatus(); RecentBootEncStatus = BootEncStatus; + bSystemIsGPT = BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT; } catch (...) { // NOP } + if (bSystemIsGPT) + StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"zip"); + else + StringCbCopyW (szRescueDiskExtension, sizeof (szRescueDiskExtension), L"iso"); + + StringCbCopyW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), L"VeraCrypt Rescue Disk."); + StringCbCatW (szDefaultRescueDiskName, sizeof (szDefaultRescueDiskName), szRescueDiskExtension); + if (UsePreferences) { // General preferences @@ -6513,7 +6566,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa BOOL reportBadPasswd = CmdVolumePassword.Length > 0; if (FirstCmdKeyFile) - KeyFilesApplyWithPin (hwndDlg, &CmdVolumePassword, CmdTokenPin, FirstCmdKeyFile, szFileName); + KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile, szFileName); mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, @@ -6558,7 +6611,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa WaitCursor (); if (KeyFilesEnable && FirstKeyFile) - KeyFilesApplyWithPin (hwndDlg, &VolumePassword, CmdTokenPin, FirstKeyFile, szFileName); + KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName); mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE); @@ -6743,9 +6796,17 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa { // The wizard was not launched during the system startup seq, or the user may have forgotten // to resume the encryption/decryption process. + SystemDriveConfiguration config; + try + { + config = BootEncObj->GetSystemDriveConfiguration (); + } + catch (Exception &e) + { + e.Show (MainDlg); + } - - LaunchVolCreationWizard (hwndDlg, L"/csysenc"); + LaunchVolCreationWizard (hwndDlg, L"/csysenc", FALSE); } } } @@ -7725,7 +7786,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa if (lw == IDC_CREATE_VOLUME || lw == IDM_CREATE_VOLUME || lw == IDM_VOLUME_WIZARD) { - LaunchVolCreationWizard (hwndDlg, L""); + LaunchVolCreationWizard (hwndDlg, L"", FALSE); return 1; } @@ -8015,7 +8076,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa if (lw == IDM_SYSENC_SETTINGS || lw == IDM_SYS_ENC_SETTINGS) { - DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0); + DialogBoxParamW (hInst, MAKEINTRESOURCEW (bSystemIsGPT? IDD_EFI_SYSENC_SETTINGS : IDD_SYSENC_SETTINGS), hwndDlg, (DLGPROC) BootLoaderPreferencesDlgProc, 0); return 1; } @@ -8695,7 +8756,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0}; if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) == HAS_ARGUMENT) { - if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, array_capacity (CmdTokenPin), nullptr, nullptr)) + if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, TC_MAX_PATH, nullptr, nullptr)) AbortProcess ("COMMAND_LINE_ERROR"); } else @@ -8924,7 +8985,6 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz VirtualLock (&mountOptions, sizeof (mountOptions)); VirtualLock (&defaultMountOptions, sizeof (defaultMountOptions)); VirtualLock (&szFileName, sizeof(szFileName)); - VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); DetectX86Features (); @@ -9649,8 +9709,8 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t * OpenVolumeContext hiddenVolume; Password hiddenVolPassword; int hiddenVolPkcs5 = 0, hiddenVolPim = 0; - byte temporaryKey[MASTER_KEYDATA_SIZE]; - byte originalK2[MASTER_KEYDATA_SIZE]; + CRYPTOPP_ALIGN_DATA(16) byte temporaryKey[MASTER_KEYDATA_SIZE]; + CRYPTOPP_ALIGN_DATA(16) byte originalK2[MASTER_KEYDATA_SIZE]; int EffectiveVolumePkcs5 = CmdVolumePkcs5; int EffectiveVolumePim = CmdVolumePim; @@ -10433,16 +10493,17 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM } catch (...) { - BootEncStatus.DriveMounted = false; + BootEncStatus.DriveMounted = false; } - if (BootEncStatus.DriveMounted) + if (BootEncStatus.DriveMounted && !bSystemIsGPT) { byte userConfig; string customUserMessage; uint16 bootLoaderVersion; - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); + if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion)) + return 1; if (bootLoaderVersion != VERSION_NUM) Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); @@ -10452,7 +10513,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM else userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION; - BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); + BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5); } SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION, disableHW); @@ -10766,7 +10827,8 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA { case WM_INITDIALOG: { - if (!BootEncObj->GetStatus().DriveMounted) + BootEncryptionStatus BootEncStatus = BootEncObj->GetStatus(); + if (!BootEncStatus.DriveMounted) { Warning ("SYS_DRIVE_NOT_ENCRYPTED", hwndDlg); EndDialog (hwndDlg, IDCANCEL); @@ -10780,27 +10842,38 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA uint32 driverConfig = ReadDriverConfigurationFlags(); byte userConfig; string customUserMessage; - uint16 bootLoaderVersion; + uint16 bootLoaderVersion = 0; BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE; BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE; - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion); + if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion)) + { + // operations canceled + EndDialog (hwndDlg, IDCANCEL); + return 1; + } if (bootLoaderVersion != VERSION_NUM) Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg); - SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0); - SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str()); + if (bSystemIsGPT) + { + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_STORE_HASH) ? BST_CHECKED : BST_UNCHECKED); + } + else + { + SendMessage (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE), EM_LIMITTEXT, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH, 0); + SetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage.c_str()); + CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED); + CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED); + CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED); + SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP")); + } CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_PIM) ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED); CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED); - CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED); EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled); CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED); - - SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP")); } catch (Exception &e) { @@ -10840,13 +10913,15 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA return 1; } - char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1]; - GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage)); + char customUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH + 1] = {0}; + if (!bSystemIsGPT) + GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage)); byte userConfig; try { - BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig); + if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig)) + return 1; } catch (Exception &e) { @@ -10859,7 +10934,16 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA else userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_PIM; - if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) + if (bSystemIsGPT) + { + if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT)) + userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH; + else + userConfig &= ~TC_BOOT_USER_CFG_FLAG_STORE_HASH; + } + else + { + if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT)) userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE; else userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE; @@ -10868,12 +10952,13 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; else userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC; + } try { BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD); BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM); - BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim); + BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION)); |