VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Driver/DriveFilter.c32
1 files changed, 20 insertions, 12 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index b8aad224..47a592dd 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -135,6 +135,7 @@ NTSTATUS LoadBootArguments ()
burn (BootLoaderFingerprint, sizeof (BootLoaderFingerprint));
MmUnmapIoSpace (mappedBootArgs, sizeof (BootArguments));
+ // Extra parameters? (pkcs5, hash)
if (BootArgs.CryptoInfoLength > 0)
{
PHYSICAL_ADDRESS cryptoInfoAddress;
@@ -146,11 +147,12 @@ NTSTATUS LoadBootArguments ()
{
/* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
- BootPkcs5 = pBootCryptoInfo->pkcs5;
+ BootPkcs5 = pBootCryptoInfo->pkcs5; // save hash to speed up boot.
BootSecRegionData = NULL;
BootSecRegionSize = 0;
+ // SecRegion data?
if(BootArgs.CryptoInfoLength > (sizeof(BOOT_CRYPTO_HEADER) + sizeof(SECREGION_BOOT_PARAMS)) ) {
uint32 crc;
PHYSICAL_ADDRESS SecRegionAddress;
@@ -159,25 +161,27 @@ NTSTATUS LoadBootArguments ()
SecRegionAddress.QuadPart = SecRegionParams->Ptr;
Dump ("SecRegion memory 0x%x %d\n", SecRegionAddress.LowPart, SecRegionParams->Size);
-
+ // SecRegion correct?
if( (SecRegionParams->Ptr != 0) && (SecRegionParams->Size > 0)) {
crc = GetCrc32((byte*)SecRegionParams, 12);
if(crc == SecRegionParams->Crc) {
Dump ("SecRegion crc ok\n");
secRegionData = MmMapIoSpace (SecRegionAddress, SecRegionParams->Size, MmCached);
- BootSecRegionData = TCalloc (SecRegionParams->Size);
- if(BootSecRegionData != NULL) {
- BootSecRegionSize = SecRegionParams->Size;
- memcpy(BootSecRegionData, secRegionData, SecRegionParams->Size);
+ if(secRegionData) {
+ BootSecRegionData = TCalloc (SecRegionParams->Size);
+ if(BootSecRegionData != NULL) {
+ BootSecRegionSize = SecRegionParams->Size;
+ memcpy(BootSecRegionData, secRegionData, SecRegionParams->Size);
+ }
+ burn (secRegionData, SecRegionParams->Size);
+ MmUnmapIoSpace (secRegionData, SecRegionParams->Size);
}
- burn (secRegionData, SecRegionParams->Size);
- MmUnmapIoSpace (secRegionData, SecRegionParams->Size);
}
- // Erase boot loader scheduled keys
- burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
- MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
}
}
+ // Erase boot loader scheduled keys
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
}
}
status = STATUS_SUCCESS;
@@ -371,6 +375,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
+ // Check disk MBR id and GPT ID if BootSecRegion is available to detect boot drive
if (BootSecRegionData != NULL && BootSecRegionSize >= 1024) {
byte mbr[TC_SECTOR_SIZE_BIOS];
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
@@ -388,8 +393,10 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
header = TCalloc (TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
if (!header)
return STATUS_INSUFFICIENT_RESOURCES;
+ // Copy header from SecRegion instead of read from disk
memcpy(header, BootSecRegionData, 512);
- // Set extra data for the disk
+
+ // Set SecRegion data for the disk (sectors to substitute to hide GPT table)
Extension->Queue.SecRegionData = BootSecRegionData;
Extension->Queue.SecRegionSize = BootSecRegionSize;
} else {
@@ -538,6 +545,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
BootDriveFound = Extension->BootDrive = Extension->DriveMounted = Extension->VolumeHeaderPresent = TRUE;
BootDriveFilterExtension->MagicNumber = TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC_NUMBER;
+ // Try to load password cached if saved in SecRegion
if (BootSecRegionData != NULL && BootSecRegionSize > 1024) {
DCS_DISK_ENTRY_LIST* DeList = (DCS_DISK_ENTRY_LIST*)(BootSecRegionData + 512);
uint32 crc;