Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Windows: implement internal verification of Authenticode digital signature for all modules to protect against simple binaries tampering.

Browse Source
This commit is contained in:
Mounir IDRASSI
2018-04-16 00:23:05 +02:00
parent 9e36039630
commit 0a737c8c87
5 changed files with 231 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
src/Mount/Mount.c
View File

@@ -1507,6 +1507,10 @@ static void LaunchVolCreationWizard (HWND hwndDlg, const wchar_t *arg, BOOL bEle
if (!FileExists(t))
Error ("VOL_CREATION_WIZARD_NOT_FOUND", hwndDlg); // Display a user-friendly error message and advise what to do
else if (!VerifyModuleSignature (t))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
}
else
{
@@ -4425,13 +4429,18 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
goto stop;
}
// Main app 32-bit
// Main app 32-bit
if (Is64BitOs () && !IsNonInstallMode ())
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x86.exe", appDir);
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4443,7 +4452,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt-x64.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt-x64.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4458,7 +4472,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4470,7 +4489,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Format-x64.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCrypt Format-x64.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4486,7 +4510,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4498,7 +4527,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
else
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCryptExpander-x64.exe", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\VeraCryptExpander-x64.exe", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4508,7 +4542,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
// Driver
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt.sys", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt.sys", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;
@@ -4517,7 +4556,12 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
// Driver x64
StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\veracrypt-x64.sys", appDir);
StringCbPrintfW (dstPath, sizeof(dstPath), L"%s\\VeraCrypt\\veracrypt-x64.sys", dstDir);
if (!TCCopyFile (srcPath, dstPath))
if (!VerifyModuleSignature (srcPath))
{
Error ("DIST_PACKAGE_CORRUPTED", hwndDlg);
goto stop;
}
else if (!TCCopyFile (srcPath, dstPath))
{
handleWin32Error (hwndDlg, SRC_POS);
goto stop;