VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Main/UserPreferences.cpp
blob: b8a4d70470286ec2c04ba2c832cbe1d74a67c140 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235

/*
 Copyright (c) 2008 TrueCrypt Developers Association. All rights reserved.

 Governed by the TrueCrypt License 3.0 the full text of which is contained in
 the file License.txt included in TrueCrypt binary and source code distribution
 packages.
*/

#include "System.h"
#include "Main/Application.h"
#include "UserPreferences.h"
#include "Xml.h"

namespace VeraCrypt
{
	void UserPreferences::SetValue (const wxString &cfgText, bool &cfgVar)
	{
		if (cfgText == L"0")
			cfgVar = false;
		else if (cfgText == L"1")
			cfgVar = true;
	}

	void UserPreferences::SetValue (const wxString &cfgText, int &cfgVar)
	{
		if (cfgText.empty())
			cfgVar = 0;
		else
			cfgVar = StringConverter::ToUInt32 (wstring (cfgText));
	}
	
	void UserPreferences::SetValue (const wxString &cfgText, uint64 &cfgVar)
	{
		if (cfgText.empty())
			cfgVar = 0;
		else
			cfgVar = StringConverter::ToUInt64 (wstring (cfgText));
	}

	void UserPreferences::SetValue (const wxString &cfgText, wstring &cfgVar)
	{
		cfgVar = cfgText;
	}

	void UserPreferences::SetValue (const wxString &cfgText, wxString &cfgVar)
	{
		cfgVar = cfgText;
	}

	void UserPreferences::SetValue (const wxString &cfgText, FilesystemPath &cfgVar)
	{
		cfgVar = wstring (cfgText);
	}

	void UserPreferences::Load()
	{
		// Preferences
		FilePath cfgPath = Application::GetConfigFilePath (GetPreferencesFileName());
		if (cfgPath.IsFile())
		{
			map <wxString, wxString> configMap;
			foreach (XmlNode node, XmlParser (cfgPath).GetNodes (L"config"))
			{
				configMap[node.Attributes[L"key"]] = node.InnerText;
			}

#define TC_CONFIG_SET(NAME) SetValue (configMap[L###NAME], NAME)

			TC_CONFIG_SET (BackgroundTaskEnabled);
			TC_CONFIG_SET (BackgroundTaskMenuDismountItemsEnabled);
			TC_CONFIG_SET (BackgroundTaskMenuMountItemsEnabled);
			TC_CONFIG_SET (BackgroundTaskMenuOpenItemsEnabled);
			TC_CONFIG_SET (BeepAfterHotkeyMountDismount);
			SetValue (configMap[L"CachePasswords"], DefaultMountOptions.CachePassword);
			TC_CONFIG_SET (CloseBackgroundTaskOnNoVolumes);
			TC_CONFIG_SET (CloseExplorerWindowsOnDismount);
			TC_CONFIG_SET (CloseSecurityTokenSessionsAfterMount);
			TC_CONFIG_SET (DisableKernelEncryptionModeWarning);
			TC_CONFIG_SET (DismountOnInactivity);
			TC_CONFIG_SET (DismountOnLogOff);
			TC_CONFIG_SET (DismountOnPowerSaving);
			TC_CONFIG_SET (DismountOnScreenSaver);
			TC_CONFIG_SET (DisplayMessageAfterHotkeyDismount);
			TC_CONFIG_SET (BackgroundTaskEnabled);
			SetValue (configMap[L"FilesystemOptions"], DefaultMountOptions.FilesystemOptions);
			TC_CONFIG_SET (ForceAutoDismount);
			TC_CONFIG_SET (LastSelectedSlotNumber);
			TC_CONFIG_SET (MaxVolumeIdleTime);
			TC_CONFIG_SET (MountDevicesOnLogon);
			TC_CONFIG_SET (MountFavoritesOnLogon);

			bool readOnly;
			SetValue (configMap[L"MountVolumesReadOnly"], readOnly);
			DefaultMountOptions.Protection = readOnly ? VolumeProtection::ReadOnly : VolumeProtection::None;

			SetValue (configMap[L"MountVolumesRemovable"], DefaultMountOptions.Removable);
			SetValue (configMap[L"NoHardwareCrypto"], DefaultMountOptions.NoHardwareCrypto);
			SetValue (configMap[L"NoKernelCrypto"], DefaultMountOptions.NoKernelCrypto);
			TC_CONFIG_SET (OpenExplorerWindowAfterMount);
			SetValue (configMap[L"PreserveTimestamps"], DefaultMountOptions.PreserveTimestamps);
			TC_CONFIG_SET (SaveHistory);
			SetValue (configMap[L"SecurityTokenLibrary"], SecurityTokenModule);
			TC_CONFIG_SET (StartOnLogon);
			TC_CONFIG_SET (UseKeyfiles);
			TC_CONFIG_SET (WipeCacheOnAutoDismount);
			TC_CONFIG_SET (WipeCacheOnClose);
		}

		// Default keyfiles
		cfgPath = Application::GetConfigFilePath (GetDefaultKeyfilesFileName());
		if (cfgPath.IsFile())
		{
			foreach (const XmlNode &node, XmlParser (cfgPath).GetNodes (L"keyfile"))
			{
				DefaultKeyfiles.push_back (make_shared <Keyfile> ((wstring) node.InnerText));
			}
		}
		
#ifdef TC_WINDOWS
		// Hotkeys
		Hotkeys = Hotkey::LoadList();
#endif
	}

	void UserPreferences::Save() const
	{
		// Preferences
		class ConfigXmlFormatter
		{
		public:
			void AddEntry (const wchar_t *key, const wxString &value)
			{
				if (!value.empty())
				{
					XmlNode config (L"config");
					config.Attributes[L"key"] = key;
					config.InnerText = value;
					XmlConfig.InnerNodes.push_back (config);
				}
			}

			void AddEntry (const wchar_t *key, bool value)
			{
				AddEntry (key, wxString (value ? L"1" : L"0"));
			}

			void AddEntry (const wchar_t *key, int value)
			{
				wstringstream s;
				s << value;
				AddEntry (key, s.str());
			}

			void AddEntry (const wchar_t *key, uint64 value)
			{
				wstringstream s;
				s << value;
				AddEntry (key, s.str());
			}

			XmlNode XmlConfig;
		};

		ConfigXmlFormatter formatter;
		formatter.XmlConfig.Name = L"configuration";

#define TC_CONFIG_ADD(NAME) formatter.AddEntry (L###NAME, NAME)

		TC_CONFIG_ADD (BackgroundTaskEnabled);
		TC_CONFIG_ADD (BackgroundTaskMenuDismountItemsEnabled);
		TC_CONFIG_ADD (BackgroundTaskMenuMountItemsEnabled);
		TC_CONFIG_ADD (BackgroundTaskMenuOpenItemsEnabled);
		TC_CONFIG_ADD (BeepAfterHotkeyMountDismount);
		formatter.AddEntry (L"CachePasswords", DefaultMountOptions.CachePassword);
		TC_CONFIG_ADD (CloseBackgroundTaskOnNoVolumes);
		TC_CONFIG_ADD (CloseExplorerWindowsOnDismount);
		TC_CONFIG_ADD (CloseSecurityTokenSessionsAfterMount);
		TC_CONFIG_ADD (DisableKernelEncryptionModeWarning);
		TC_CONFIG_ADD (DismountOnInactivity);
		TC_CONFIG_ADD (DismountOnLogOff);
		TC_CONFIG_ADD (DismountOnPowerSaving);
		TC_CONFIG_ADD (DismountOnScreenSaver);
		TC_CONFIG_ADD (DisplayMessageAfterHotkeyDismount);
		TC_CONFIG_ADD (BackgroundTaskEnabled);
		formatter.AddEntry (L"FilesystemOptions", DefaultMountOptions.FilesystemOptions);
		TC_CONFIG_ADD (ForceAutoDismount);
		TC_CONFIG_ADD (LastSelectedSlotNumber);
		TC_CONFIG_ADD (MaxVolumeIdleTime);
		TC_CONFIG_ADD (MountDevicesOnLogon);
		TC_CONFIG_ADD (MountFavoritesOnLogon);
		formatter.AddEntry (L"MountVolumesReadOnly", DefaultMountOptions.Protection == VolumeProtection::ReadOnly);
		formatter.AddEntry (L"MountVolumesRemovable", DefaultMountOptions.Removable);
		formatter.AddEntry (L"NoHardwareCrypto", DefaultMountOptions.NoHardwareCrypto);
		formatter.AddEntry (L"NoKernelCrypto", DefaultMountOptions.NoKernelCrypto);
		TC_CONFIG_ADD (OpenExplorerWindowAfterMount);
		formatter.AddEntry (L"PreserveTimestamps", DefaultMountOptions.PreserveTimestamps);
		TC_CONFIG_ADD (SaveHistory);
		formatter.AddEntry (L"SecurityTokenLibrary", wstring (SecurityTokenModule));
		TC_CONFIG_ADD (StartOnLogon);
		TC_CONFIG_ADD (UseKeyfiles);
		TC_CONFIG_ADD (WipeCacheOnAutoDismount);
		TC_CONFIG_ADD (WipeCacheOnClose);

		XmlWriter writer (Application::GetConfigFilePath (GetPreferencesFileName(), true));
		writer.WriteNode (formatter.XmlConfig);
		writer.Close();

		// Default keyfiles
		FilePath keyfilesCfgPath = Application::GetConfigFilePath (GetDefaultKeyfilesFileName(), true);
		
		if (DefaultKeyfiles.empty())
		{
			if (keyfilesCfgPath.IsFile())
				keyfilesCfgPath.Delete();
		}
		else
		{
			XmlNode keyfilesXml (L"defaultkeyfiles");

			foreach_ref (const Keyfile &keyfile, DefaultKeyfiles)
			{
				keyfilesXml.InnerNodes.push_back (XmlNode (L"keyfile", wxString (wstring(FilesystemPath (keyfile)))));
			}

			XmlWriter keyfileWriter (keyfilesCfgPath);
			keyfileWriter.WriteNode (keyfilesXml);
			keyfileWriter.Close();
		}

#ifdef TC_WINDOWS
		// Hotkeys
		Hotkey::SaveList (Hotkeys);
#endif
	}
}
; if (GetMaxPkcs5OutSize() > RNG_POOL_SIZE) TC_THROW_FATAL_EXCEPTION; if(bRandDidInit) return 0; InitializeCriticalSection (&critRandProt); bRandDidInit = TRUE; CryptoAPILastError = ERROR_SUCCESS; if (pRandPool == NULL) { pRandPool = (unsigned char *) TCalloc (RANDOMPOOL_ALLOCSIZE); if (pRandPool == NULL) goto error; bDidSlowPoll = FALSE; RandomPoolEnrichedByUser = FALSE; memset (pRandPool, 0, RANDOMPOOL_ALLOCSIZE); VirtualLock (pRandPool, RANDOMPOOL_ALLOCSIZE); } hKeyboard = SetWindowsHookEx (WH_KEYBOARD, (HOOKPROC)&KeyboardProc, NULL, GetCurrentThreadId ()); if (hKeyboard == 0) handleWin32Error (0, SRC_POS); hMouse = SetWindowsHookEx (WH_MOUSE, (HOOKPROC)&MouseProc, NULL, GetCurrentThreadId ()); if (hMouse == 0) { handleWin32Error (0, SRC_POS); goto error; } if (!CryptAcquireContext (&hCryptProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { CryptoAPIAvailable = FALSE; CryptoAPILastError = GetLastError (); goto error; } else CryptoAPIAvailable = TRUE; if (!(PeriodicFastPollThreadHandle = (HANDLE) _beginthreadex (NULL, 0, PeriodicFastPollThreadProc, NULL, 0, NULL))) goto error; return 0; error: dwLastError = GetLastError(); RandStop (TRUE); SetLastError (dwLastError); return 1; } /* Close everything down, including the thread which is closed down by setting a flag which eventually causes the thread function to exit */ void RandStop (BOOL freePool) { if (!bRandDidInit && freePool && pRandPool) goto freePool; if (bRandDidInit == FALSE) return; EnterCriticalSection (&critRandProt); if (hMouse != 0) UnhookWindowsHookEx (hMouse); if (hKeyboard != 0) UnhookWindowsHookEx (hKeyboard); bThreadTerminate = TRUE; LeaveCriticalSection (&critRandProt); if (PeriodicFastPollThreadHandle) WaitForSingleObject (PeriodicFastPollThreadHandle, INFINITE); if (hNetAPI32 != 0) { FreeLibrary (hNetAPI32); hNetAPI32 = NULL; } if (CryptoAPIAvailable) { CryptReleaseContext (hCryptProv, 0); CryptoAPIAvailable = FALSE; CryptoAPILastError = ERROR_SUCCESS; } hMouse = NULL; hKeyboard = NULL; bThreadTerminate = FALSE; DeleteCriticalSection (&critRandProt); bRandDidInit = FALSE; freePool: if (freePool) { bDidSlowPoll = FALSE; RandomPoolEnrichedByUser = FALSE; if (pRandPool != NULL) { burn (pRandPool, RANDOMPOOL_ALLOCSIZE); TCfree (pRandPool); pRandPool = NULL; } } } BOOL IsRandomNumberGeneratorStarted () { return bRandDidInit; } void RandSetHashFunction (int hash_algo_id) { if (HashIsDeprecated (hash_algo_id)) hash_algo_id = DEFAULT_HASH_ALGORITHM; HashFunction = hash_algo_id; } int RandGetHashFunction (void) { return HashFunction; } void SetRandomPoolEnrichedByUserStatus (BOOL enriched) { RandomPoolEnrichedByUser = enriched; } BOOL IsRandomPoolEnrichedByUser () { return RandomPoolEnrichedByUser; } /* The random pool mixing function */ BOOL Randmix () { if (bRandmixEnabled) { unsigned char hashOutputBuffer [MAX_DIGESTSIZE]; WHIRLPOOL_CTX wctx; RMD160_CTX rctx; sha512_ctx sctx; sha256_ctx s256ctx; int poolIndex, digestIndex, digestSize; switch (HashFunction) { case RIPEMD160: digestSize = RIPEMD160_DIGESTSIZE; break; case SHA512: digestSize = SHA512_DIGESTSIZE; break; case SHA256: digestSize = SHA256_DIGESTSIZE; break; case WHIRLPOOL: digestSize = WHIRLPOOL_DIGESTSIZE; break; default: TC_THROW_FATAL_EXCEPTION; } if (RNG_POOL_SIZE % digestSize) TC_THROW_FATAL_EXCEPTION; for (poolIndex = 0; poolIndex < RNG_POOL_SIZE; poolIndex += digestSize) { /* Compute the message digest of the entire pool using the selected hash function. */ switch (HashFunction) { case RIPEMD160: RMD160Init(&rctx); RMD160Update(&rctx, pRandPool, RNG_POOL_SIZE); RMD160Final(hashOutputBuffer, &rctx); break; case SHA512: sha512_begin (&sctx); sha512_hash (pRandPool, RNG_POOL_SIZE, &sctx); sha512_end (hashOutputBuffer, &sctx); break; case SHA256: sha256_begin (&s256ctx); sha256_hash (pRandPool, RNG_POOL_SIZE, &s256ctx); sha256_end (hashOutputBuffer, &s256ctx); break; case WHIRLPOOL: WHIRLPOOL_init (&wctx); WHIRLPOOL_add (pRandPool, RNG_POOL_SIZE * 8, &wctx); WHIRLPOOL_finalize (&wctx, hashOutputBuffer); break; default: // Unknown/wrong ID TC_THROW_FATAL_EXCEPTION; } /* XOR the resultant message digest to the pool at the poolIndex position. */ for (digestIndex = 0; digestIndex < digestSize; digestIndex++) { pRandPool [poolIndex + digestIndex] ^= hashOutputBuffer [digestIndex]; } } /* Prevent leaks */ burn (hashOutputBuffer, MAX_DIGESTSIZE); switch (HashFunction) { case RIPEMD160: burn (&rctx, sizeof(rctx)); break; case SHA512: burn (&sctx, sizeof(sctx)); break; case SHA256: burn (&s256ctx, sizeof(s256ctx)); break; case WHIRLPOOL: burn (&wctx, sizeof(wctx)); break; default: // Unknown/wrong ID TC_THROW_FATAL_EXCEPTION; } } return TRUE; } /* Add a buffer to the pool */ void RandaddBuf (void *buf, int len) { int i; for (i = 0; i < len; i++) { RandaddByte (((unsigned char *) buf)[i]); } } BOOL RandpeekBytes (void* hwndDlg, unsigned char *buf, int len) { if (!bRandDidInit) return FALSE; if (len > RNG_POOL_SIZE) { Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); len = RNG_POOL_SIZE; } EnterCriticalSection (&critRandProt); memcpy (buf, pRandPool, len); LeaveCriticalSection (&critRandProt); return TRUE; } /* Get len random bytes from the pool (max. RNG_POOL_SIZE bytes per a single call) */ BOOL RandgetBytes (void* hwndDlg, unsigned char *buf, int len, BOOL forceSlowPoll) { return RandgetBytesFull (hwndDlg, buf, len, forceSlowPoll, FALSE); } /* Get len random bytes from the pool. * If allowAnyLength is FALSE, then len must be less or equal to RNG_POOL_SIZE * If allowAnyLength is TRUE, then len can have any positive value */ BOOL RandgetBytesFull ( void* hwndDlg, unsigned char *buf , int len, BOOL forceSlowPoll , BOOL allowAnyLength) { int i, looplen; BOOL ret = TRUE; if (!bRandDidInit || HashFunction == 0) TC_THROW_FATAL_EXCEPTION; EnterCriticalSection (&critRandProt); if (bDidSlowPoll == FALSE || forceSlowPoll) { if (!SlowPoll ()) { handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); ret = FALSE; } else bDidSlowPoll = TRUE; } if (!FastPoll ()) { handleError ((HWND) hwndDlg, ERR_CAPI_INIT_FAILED, SRC_POS); ret = FALSE; } /* There's never more than RNG_POOL_SIZE worth of randomess */ if ( (!allowAnyLength) && (len > RNG_POOL_SIZE)) { Error ("ERR_NOT_ENOUGH_RANDOM_DATA", (HWND) hwndDlg); len = RNG_POOL_SIZE; LeaveCriticalSection (&critRandProt); return FALSE; } while (len > 0) { if (len > RNG_POOL_SIZE) { looplen = RNG_POOL_SIZE; len -= RNG_POOL_SIZE; } else { looplen = len; len = 0; } // this loop number of bytes is copied from pool to output buffer, // pool is rehashed, and output buffer is XORed with new data from pool for (i = 0; i < looplen; i++) { buf[i] = pRandPool[randPoolReadIndex++]; if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; } /* Invert the pool */ for (i = 0; i < RNG_POOL_SIZE / 4; i++) { ((unsigned __int32 *) pRandPool)[i] = ~((unsigned __int32 *) pRandPool)[i]; } // Mix the pool if (!FastPoll ()) ret = FALSE; // XOR the current pool content into the output buffer to prevent pool state leaks for (i = 0; i < looplen; i++) { buf[i] ^= pRandPool[randPoolReadIndex++]; if (randPoolReadIndex == RNG_POOL_SIZE) randPoolReadIndex = 0; } // increment the pointer for the next loop buf += looplen; } LeaveCriticalSection (&critRandProt); if (!ret) TC_THROW_FATAL_EXCEPTION; return ret; } /* Capture the mouse, and as long as the event is not the same as the last two events, add the crc of the event, and the crc of the time difference between this event and the last + the current time to the pool. The role of CRC-32 is merely to perform diffusion. Note that the output of CRC-32 is subsequently processed using a cryptographically secure hash algorithm. */ LRESULT CALLBACK MouseProc (int nCode, WPARAM wParam, LPARAM lParam) { static DWORD dwLastTimer; static unsigned __int32 lastCrc, lastCrc2; MOUSEHOOKSTRUCT *lpMouse = (MOUSEHOOKSTRUCT *) lParam; if (nCode < 0) return CallNextHookEx (hMouse, nCode, wParam, lParam); else { DWORD dwTimer = GetTickCount (); DWORD j = dwLastTimer - dwTimer; unsigned __int32 crc = 0L; int i; dwLastTimer = dwTimer; for (i = 0; i < sizeof (MOUSEHOOKSTRUCT); i++) { crc = UPDC32 (((unsigned char *) lpMouse)[i], crc); } if (crc != lastCrc && crc != lastCrc2) { unsigned __int32 timeCrc = 0L; for (i = 0; i < 4; i++) { timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); } for (i = 0; i < 4; i++) { timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); } EnterCriticalSection (&critRandProt); RandaddInt32 ((unsigned __int32) (crc + timeCrc)); LeaveCriticalSection (&critRandProt); } lastCrc2 = lastCrc; lastCrc = crc; } return 0; } /* Capture the keyboard, as long as the event is not the same as the last two events, add the crc of the event to the pool along with the crc of the time difference between this event and the last. The role of CRC-32 is merely to perform diffusion. Note that the output of CRC-32 is subsequently processed using a cryptographically secure hash algorithm. */ LRESULT CALLBACK KeyboardProc (int nCode, WPARAM wParam, LPARAM lParam) { static int lLastKey, lLastKey2; static DWORD dwLastTimer; int nKey = (lParam & 0x00ff0000) >> 16; int nCapture = 0; if (nCode < 0) return CallNextHookEx (hMouse, nCode, wParam, lParam); if ((lParam & 0x0000ffff) == 1 && !(lParam & 0x20000000) && (lParam & 0x80000000)) { if (nKey != lLastKey) nCapture = 1; /* Capture this key */ else if (nKey != lLastKey2) nCapture = 1; /* Allow for one repeat */ } if (nCapture) { DWORD dwTimer = GetTickCount (); DWORD j = dwLastTimer - dwTimer; unsigned __int32 timeCrc = 0L; int i; dwLastTimer = dwTimer; lLastKey2 = lLastKey; lLastKey = nKey; for (i = 0; i < 4; i++) { timeCrc = UPDC32 (((unsigned char *) &j)[i], timeCrc); } for (i = 0; i < 4; i++) { timeCrc = UPDC32 (((unsigned char *) &dwTimer)[i], timeCrc); } EnterCriticalSection (&critRandProt); RandaddInt32 ((unsigned __int32) (GetCrc32((unsigned char*) &lParam, sizeof(lParam)) + timeCrc)); LeaveCriticalSection (&critRandProt); } return CallNextHookEx (hMouse, nCode, wParam, lParam); } /* This is the thread function which will poll the system for randomness */ static unsigned __stdcall PeriodicFastPollThreadProc (void *dummy) { UNREFERENCED_PARAMETER (dummy); /* Remove unused parameter warning */ for (;;) { EnterCriticalSection (&critRandProt); if (bThreadTerminate) { bThreadTerminate = FALSE; LeaveCriticalSection (&critRandProt); _endthreadex (0); } else if (bFastPollEnabled) { FastPoll (); } LeaveCriticalSection (&critRandProt); Sleep (FASTPOLL_INTERVAL); } } /* Type definitions for function pointers to call NetAPI32 functions */ typedef DWORD (WINAPI * NETSTATISTICSGET) (LPWSTR szServer, LPWSTR szService, DWORD dwLevel, DWORD dwOptions, LPBYTE * lpBuffer); typedef DWORD (WINAPI * NETAPIBUFFERSIZE) (LPVOID lpBuffer, LPDWORD cbBuffer); typedef DWORD (WINAPI * NETAPIBUFFERFREE) (LPVOID lpBuffer); NETSTATISTICSGET pNetStatisticsGet = NULL; NETAPIBUFFERSIZE pNetApiBufferSize = NULL; NETAPIBUFFERFREE pNetApiBufferFree = NULL; /* This is the slowpoll function which gathers up network/hard drive performance data for the random pool */ BOOL SlowPoll (void) { static int isWorkstation = -1; static int cbPerfData = 0x10000; HANDLE hDevice; LPBYTE lpBuffer; DWORD dwSize, status; LPWSTR lpszLanW, lpszLanS; int nDrive; /* Find out whether this is an NT server or workstation if necessary */ if (isWorkstation == -1) { HKEY hKey; if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Control\\ProductOptions", 0, KEY_READ, &hKey) == ERROR_SUCCESS) { unsigned char szValue[32]; dwSize = sizeof (szValue); isWorkstation = TRUE; status = RegQueryValueEx (hKey, "ProductType", 0, NULL, szValue, &dwSize); if (status == ERROR_SUCCESS && _stricmp ((char *) szValue, "WinNT")) /* Note: There are (at least) three cases for ProductType: WinNT = NT Workstation, ServerNT = NT Server, LanmanNT = NT Server acting as a Domain Controller */ isWorkstation = FALSE; RegCloseKey (hKey); } } /* Initialize the NetAPI32 function pointers if necessary */ if (hNetAPI32 == NULL) { /* Obtain a handle to the module containing the Lan Manager functions */ char dllPath[MAX_PATH]; if (GetSystemDirectory (dllPath, MAX_PATH)) { StringCbCatA(dllPath, sizeof(dllPath), "\\NETAPI32.DLL"); } else StringCbCopyA(dllPath, sizeof(dllPath), "C:\\Windows\\System32\\NETAPI32.DLL"); hNetAPI32 = LoadLibrary (dllPath); if (hNetAPI32 != NULL) { /* Now get pointers to the functions */ pNetStatisticsGet = (NETSTATISTICSGET) GetProcAddress (hNetAPI32, "NetStatisticsGet"); pNetApiBufferSize = (NETAPIBUFFERSIZE) GetProcAddress (hNetAPI32, "NetApiBufferSize"); pNetApiBufferFree = (NETAPIBUFFERFREE) GetProcAddress (hNetAPI32, "NetApiBufferFree"); /* Make sure we got valid pointers for every NetAPI32 function */ if (pNetStatisticsGet == NULL || pNetApiBufferSize == NULL || pNetApiBufferFree == NULL) { /* Free the library reference and reset the static handle */ FreeLibrary (hNetAPI32); hNetAPI32 = NULL; } } } /* Get network statistics. Note: Both NT Workstation and NT Server by default will be running both the workstation and server services. The heuristic below is probably useful though on the assumption that the majority of the network traffic will be via the appropriate service */ lpszLanW = (LPWSTR) WIDE ("LanmanWorkstation"); lpszLanS = (LPWSTR) WIDE ("LanmanServer"); if (hNetAPI32 && pNetStatisticsGet (NULL, isWorkstation ? lpszLanW : lpszLanS, 0, 0, &lpBuffer) == 0) { pNetApiBufferSize (lpBuffer, &dwSize); RandaddBuf ((unsigned char *) lpBuffer, dwSize); pNetApiBufferFree (lpBuffer); } /* Get disk I/O statistics for all the hard drives */ for (nDrive = 0;; nDrive++) { DISK_PERFORMANCE diskPerformance; char szDevice[24]; /* Check whether we can access this device */ StringCbPrintfA (szDevice, sizeof(szDevice), "\\\\.\\PhysicalDrive%d", nDrive); hDevice = CreateFile (szDevice, 0, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL); if (hDevice == INVALID_HANDLE_VALUE) break; /* Note: This only works if you have turned on the disk performance counters with 'diskperf -y'. These counters are off by default */ if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0, &diskPerformance, sizeof (DISK_PERFORMANCE), &dwSize, NULL)) { RandaddBuf ((unsigned char *) &diskPerformance, dwSize); } CloseHandle (hDevice); } // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but // we keep the check for clarity purpose if ( !CryptoAPIAvailable ) return FALSE; if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) { RandaddBuf (buffer, sizeof (buffer)); burn(buffer, sizeof (buffer)); Randmix(); return TRUE; } else { /* return error in case CryptGenRandom fails */ CryptoAPILastError = GetLastError (); return FALSE; } } /* This is the fastpoll function which gathers up info by calling various api's */ BOOL FastPoll (void) { int nOriginalRandIndex = nRandIndex; static BOOL addedFixedItems = FALSE; FILETIME creationTime, exitTime, kernelTime, userTime; SIZE_T minimumWorkingSetSize, maximumWorkingSetSize; LARGE_INTEGER performanceCount; MEMORYSTATUS memoryStatus; HANDLE handle; POINT point; /* Get various basic pieces of system information */ RandaddIntPtr (GetActiveWindow ()); /* Handle of active window */ RandaddIntPtr (GetCapture ()); /* Handle of window with mouse capture */ RandaddIntPtr (GetClipboardOwner ()); /* Handle of clipboard owner */ RandaddIntPtr (GetClipboardViewer ()); /* Handle of start of clpbd.viewer list */ RandaddIntPtr (GetCurrentProcess ()); /* Pseudohandle of current process */ RandaddInt32 (GetCurrentProcessId ()); /* Current process ID */ RandaddIntPtr (GetCurrentThread ()); /* Pseudohandle of current thread */ RandaddInt32 (GetCurrentThreadId ()); /* Current thread ID */ RandaddInt32 (GetCurrentTime ()); /* Milliseconds since Windows started */ RandaddIntPtr (GetDesktopWindow ()); /* Handle of desktop window */ RandaddIntPtr (GetFocus ()); /* Handle of window with kb.focus */ RandaddInt32 (GetInputState ()); /* Whether sys.queue has any events */ RandaddInt32 (GetMessagePos ()); /* Cursor pos.for last message */ RandaddInt32 (GetMessageTime ()); /* 1 ms time for last message */ RandaddIntPtr (GetOpenClipboardWindow ()); /* Handle of window with clpbd.open */ RandaddIntPtr (GetProcessHeap ()); /* Handle of process heap */ RandaddIntPtr (GetProcessWindowStation ()); /* Handle of procs window station */ RandaddInt32 (GetQueueStatus (QS_ALLEVENTS)); /* Types of events in input queue */ /* Get multiword system information */ GetCaretPos (&point); /* Current caret position */ RandaddBuf ((unsigned char *) &point, sizeof (POINT)); GetCursorPos (&point); /* Current mouse cursor position */ RandaddBuf ((unsigned char *) &point, sizeof (POINT)); /* Get percent of memory in use, bytes of physical memory, bytes of free physical memory, bytes in paging file, free bytes in paging file, user bytes of address space, and free user bytes */ memoryStatus.dwLength = sizeof (MEMORYSTATUS); GlobalMemoryStatus (&memoryStatus); RandaddBuf ((unsigned char *) &memoryStatus, sizeof (MEMORYSTATUS)); /* Get thread and process creation time, exit time, time in kernel mode, and time in user mode in 100ns intervals */ handle = GetCurrentThread (); GetThreadTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); handle = GetCurrentProcess (); GetProcessTimes (handle, &creationTime, &exitTime, &kernelTime, &userTime); RandaddBuf ((unsigned char *) &creationTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &exitTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &kernelTime, sizeof (FILETIME)); RandaddBuf ((unsigned char *) &userTime, sizeof (FILETIME)); /* Get the minimum and maximum working set size for the current process */ GetProcessWorkingSetSize (handle, &minimumWorkingSetSize, &maximumWorkingSetSize); RandaddIntPtr (minimumWorkingSetSize); RandaddIntPtr (maximumWorkingSetSize); /* The following are fixed for the lifetime of the process so we only add them once */ if (addedFixedItems == 0) { STARTUPINFO startupInfo; /* Get name of desktop, console window title, new window position and size, window flags, and handles for stdin, stdout, and stderr */ startupInfo.cb = sizeof (STARTUPINFO); GetStartupInfo (&startupInfo); RandaddBuf ((unsigned char *) &startupInfo, sizeof (STARTUPINFO)); addedFixedItems = TRUE; } /* The docs say QPC can fail if appropriate hardware is not available. It works on 486 & Pentium boxes, but hasn't been tested for 386 or RISC boxes */ if (QueryPerformanceCounter (&performanceCount)) RandaddBuf ((unsigned char *) &performanceCount, sizeof (LARGE_INTEGER)); else { /* Millisecond accuracy at best... */ DWORD dwTicks = GetTickCount (); RandaddBuf ((unsigned char *) &dwTicks, sizeof (dwTicks)); } // CryptoAPI: We always have a valid CryptoAPI context when we arrive here but // we keep the check for clarity purpose if ( !CryptoAPIAvailable ) return FALSE; if (CryptGenRandom (hCryptProv, sizeof (buffer), buffer)) { RandaddBuf (buffer, sizeof (buffer)); burn (buffer, sizeof(buffer)); } else { /* return error in case CryptGenRandom fails */ CryptoAPILastError = GetLastError (); return FALSE; } /* Apply the pool mixing function */ Randmix(); /* Restore the original pool cursor position. If this wasn't done, mouse coordinates could be written to a limited area of the pool, especially when moving the mouse uninterruptedly. The severity of the problem would depend on the length of data written by FastPoll (if it was equal to the size of the pool, mouse coordinates would be written only to a particular 4-byte area, whenever moving the mouse uninterruptedly). */ nRandIndex = nOriginalRandIndex; return TRUE; }