From 2b531dd113812a14df63393b6379f8bfd7056fea Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Fri, 13 Jun 2025 21:12:14 +0900 Subject: [PATCH] Windows: Add an SDK for VeraCrypt Format that allows third-party application to create volumes --- src/Common/BootEncryption.cpp | 8 +- src/Common/Dlgcode.c | 65 +++- src/Common/Dlgcode.h | 3 +- src/Common/Fat.c | 71 ++++- src/Common/Fat.h | 2 +- src/Common/Format.c | 78 ++++- src/Common/Format.h | 7 +- src/Common/Language.c | 4 + src/Common/Random.c | 5 +- src/Format/InPlace.c | 33 -- src/Format/Tcformat.c | 104 +++--- src/Format/Tcformat.h | 2 +- src/FormatDLL/FormatDLL.vcxproj | 291 +++++++++++++++++ src/FormatDLL/FormatDLL.vcxproj.filters | 144 +++++++++ src/FormatDLL/VeraCryptFormatSDK.cpp | 401 ++++++++++++++++++++++++ src/FormatDLL/VeraCryptFormatSDK.h | 136 ++++++++ src/VeraCrypt.sln | 26 ++ 17 files changed, 1241 insertions(+), 139 deletions(-) create mode 100644 src/FormatDLL/FormatDLL.vcxproj create mode 100644 src/FormatDLL/FormatDLL.vcxproj.filters create mode 100644 src/FormatDLL/VeraCryptFormatSDK.cpp create mode 100644 src/FormatDLL/VeraCryptFormatSDK.h diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp index 5ecb91ef..09c3b966 100644 --- a/src/Common/BootEncryption.cpp +++ b/src/Common/BootEncryption.cpp @@ -298,7 +298,7 @@ static BOOL IsWindowsMBR (const uint8 *buffer, size_t bufferSize) namespace VeraCrypt { -#if !defined (SETUP) +#if !defined (SETUP) && !defined (VCSDK_DLL) class Elevator { @@ -755,6 +755,12 @@ namespace VeraCrypt static void WriteEfiBootSectorUserConfig (uint8 userConfig, const string &customUserMessage, int pim, int hashAlg) { throw ParameterIncorrect (SRC_POS); } static void UpdateSetupConfigFile (bool bForInstall) { throw ParameterIncorrect (SRC_POS); } static void GetSecureBootConfig (BOOL* pSecureBootEnabled, BOOL *pVeraCryptKeysLoaded) { throw ParameterIncorrect (SRC_POS); } + static void RegisterSystemFavoritesService(BOOL registerService) { throw ParameterIncorrect(SRC_POS); } + static BOOL IsPagingFileActive(BOOL checkNonWindowsPartitionsOnly) { throw ParameterIncorrect(SRC_POS); } + static void WriteLocalMachineRegistryDwordValue(wchar_t* keyPath, wchar_t* valueName, DWORD value) { throw ParameterIncorrect(SRC_POS); } + static void NotifyService(DWORD dwNotifyCmd) { throw ParameterIncorrect(SRC_POS); } + static void CopyFile(const wstring& sourceFile, const wstring& destinationFile) { throw ParameterIncorrect(SRC_POS); } + static void DeleteFile(const wstring& file) { throw ParameterIncorrect(SRC_POS); } }; #endif // SETUP diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 2e97644c..70f3c119 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -1012,7 +1012,7 @@ BOOL VerifyModuleSignature (const wchar_t* path) DWORD handleWin32Error (HWND hwndDlg, const char* srcPos) { -#ifndef VC_COMREG +#if !defined(VC_COMREG) && !defined(VCSDK_DLL) PWSTR lpMsgBuf; DWORD dwError = GetLastError (); wchar_t szErrorValue[32]; @@ -3675,7 +3675,7 @@ void DoPostInstallTasks (HWND hwndDlg) SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL); } -#ifndef SETUP_DLL +#if !defined(SETUP_DLL) && !defined(VCSDK_DLL) // Use an idea proposed in https://medium.com/@1ndahous3/safe-code-pitfalls-dll-side-loading-winapi-and-c-73baaf48bdf5 // it allows to set safe DLL search mode for the entire process very early on, before even the CRT is initialized and global constructors are called #pragma comment(linker, "/ENTRY:CustomMainCrtStartup") @@ -3715,13 +3715,14 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) WNDCLASSW wc; char langId[6]; SetDefaultDllDirectoriesPtr SetDefaultDllDirectoriesFn = NULL; -#if !defined(SETUP) +#if !defined(SETUP) && !defined(VCSDK_DLL) wchar_t modPath[MAX_PATH]; #endif INITCOMMONCONTROLSEX InitCtrls; InitOSVersionInfo(); +#ifndef VCSDK_DLL if (!IsWin10BuildAtLeast(WIN_10_1809_BUILD)) { // abort using a message that says that VeraCrypt can run only on Windows 10 version 1809 or later @@ -3740,6 +3741,7 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) // This can happen only if KB2533623 is missing from Windows 7 AbortProcessDirect(L"VeraCrypt requires KB2533623 to be installed on Windows 7 and Windows Server 2008 R2 in order to run."); } +#endif VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin)); @@ -3753,13 +3755,11 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) // Load RichEdit library in order to be able to use RichEdit20W class LoadLibraryEx (L"Riched20.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32); -#if !defined(SETUP) +#if !defined(SETUP) && !defined(VCSDK_DLL) GetModuleFileNameW (NULL, modPath, ARRAYSIZE (modPath)); if (!VerifyModuleSignature (modPath)) AbortProcessDirect (L"This distribution package is damaged. Please try downloading it again (preferably from the official VeraCrypt website at https://veracrypt.jp)."); -#endif -#ifndef SETUP /* enable drag-n-drop when we are running elevated */ AllowMessageInUIPI (WM_DROPFILES); AllowMessageInUIPI (WM_COPYDATA); @@ -3772,7 +3772,7 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) SetErrorMode (SetErrorMode (0) | SEM_FAILCRITICALERRORS | SEM_NOOPENFILEERRORBOX); CoInitializeEx(NULL, COINIT_APARTMENTTHREADED | COINIT_DISABLE_OLE1DDE); -#ifndef SETUP +#if !defined(SETUP) && !defined(VCSDK_DLL) // Application ID SetCurrentProcessExplicitAppUserModelID (TC_APPLICATION_ID); #endif @@ -3781,7 +3781,7 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) langId[0] = 0; SetPreferredLangId (ConfigReadString ("Language", "", langId, sizeof (langId))); -#ifndef SETUP +#if !defined(SETUP) && !defined(VCSDK_DLL) if (langId[0] == 0) { // check if user selected a language during installation @@ -3820,7 +3820,7 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) LoadLanguageFile (); -#ifndef SETUP +#if !defined(SETUP) && !defined(VCSDK_DLL) // UAC elevation moniker cannot be used in portable mode. // A new instance of the application must be created with elevated privileges. if (IsNonInstallMode () && !IsAdmin () && IsUacSupported ()) @@ -3918,7 +3918,7 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) InitHelpFileName (); -#ifndef SETUP +#if !defined(SETUP) && !defined(VCSDK_DLL) EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); if (IsRamEncryptionEnabled()) @@ -10226,7 +10226,7 @@ void CleanLastVisitedMRU (void) } -#ifndef SETUP +#if !defined(SETUP) && !defined(VCSDK_DLL) void ClearHistory (HWND hwndDlgItem) { ArrowWaitCursor (); @@ -12582,7 +12582,7 @@ extern "C" BOOL IsThreadInSecureDesktop(DWORD dwThreadID) return bRet; } - +#ifndef VCSDK_DLL BOOL InitSecurityTokenLibrary (HWND hwndDlg) { if (SecurityTokenLibraryPath[0] == 0) @@ -12648,7 +12648,7 @@ BOOL InitSecurityTokenLibrary (HWND hwndDlg) return TRUE; } - +#endif std::vector GetAvailableHostDevices (bool noDeviceProperties, bool singleList, bool noFloppy, bool detectUnencryptedFilesystems) { vector devices; @@ -15032,7 +15032,7 @@ void SafeOpenURL (LPCWSTR szUrl) } } -#if !defined(SETUP) +#if !defined(SETUP) && !defined(VCSDK_DLL) #define RtlGenRandom SystemFunction036 extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength); @@ -16179,7 +16179,7 @@ cleanup: } #endif -#if !defined(SETUP) && !defined(VC_COMREG) +#if !defined(SETUP) && !defined(VC_COMREG) && !defined(VCSDK_DLL) /* * Screen Protection Functions @@ -16404,4 +16404,37 @@ BOOL AttachProtectionToCurrentThread(HWND hwnd) void DetachProtectionFromCurrentThread() { } -#endif \ No newline at end of file +#endif + +// This function moves the file pointer to the given offset. It first retrieves the current +// file position using SetFilePointerEx() with FILE_CURRENT as the reference point, and then +// calculates the difference between the current position and the desired position. Subsequently, +// it moves the file pointer by the difference calculated using SetFilePointerEx() again. +// +// This approach of moving the file pointer relatively (instead of absolutely) was implemented +// as a workaround to address the performance issues related to in-place encryption. When using +// SetFilePointerEx() with FILE_BEGIN as the reference point, reaching the end of large drives +// during in-place encryption can cause significant slowdowns. By moving the file pointer +// relatively, these performance issues are mitigated. +// +// We fall back to absolute positioning if the relative positioning fails. +BOOL MoveFilePointer(HANDLE dev, LARGE_INTEGER offset) +{ + LARGE_INTEGER currOffset; + LARGE_INTEGER diffOffset; + + currOffset.QuadPart = 0; + if (SetFilePointerEx(dev, currOffset, &currOffset, FILE_CURRENT)) + { + diffOffset.QuadPart = offset.QuadPart - currOffset.QuadPart; + if (diffOffset.QuadPart == 0) + return TRUE; + + // Moves the file pointer by the difference between current and desired positions + if (SetFilePointerEx(dev, diffOffset, NULL, FILE_CURRENT)) + return TRUE; + } + + // An error occurred, fallback to absolute positioning + return SetFilePointerEx(dev, offset, NULL, FILE_BEGIN); +} diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 2e304161..e7d78ce2 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -600,12 +600,13 @@ BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter); BOOL IsTestSigningModeEnabled (); DWORD SendServiceNotification (DWORD dwNotificationCmd); DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize); -#if !defined(SETUP) +#if !defined(SETUP) && !defined(VCSDK_DLL) void GetAppRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed); #endif BOOL IsInternetConnected(); BOOL AttachProtectionToCurrentThread(HWND hwnd); void DetachProtectionFromCurrentThread(); +BOOL MoveFilePointer(HANDLE dev, LARGE_INTEGER offset); #if defined(SETUP) && !defined (PORTABLE) typedef struct _SECURITY_INFO_BACKUP { diff --git a/src/Common/Fat.c b/src/Common/Fat.c index 593207cf..110b13a6 100644 --- a/src/Common/Fat.c +++ b/src/Common/Fat.c @@ -24,6 +24,7 @@ #include "Progress.h" #include "Random.h" #include "Volumes.h" +#include "Dlgcode.h" void GetFatParams (fatparams * ft) @@ -255,7 +256,7 @@ static void PutFSInfo (unsigned char *sector, fatparams *ft) int -FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat, BOOL bDevice) +FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, volatile void *volParamsArg) { int write_buf_cnt = 0; char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; @@ -267,6 +268,9 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void int retVal; CRYPTOPP_ALIGN_DATA(16) char temporaryKey[MASTER_KEYDATA_SIZE]; HWND hwndDlg = (HWND) hwndDlgPtr; + volatile FORMAT_VOL_PARAMETERS* volParams = (volatile FORMAT_VOL_PARAMETERS*)volParamsArg; + BOOL quickFormat = volParams->quickFormat; + BOOL bDevice = volParams->bDevice; LARGE_INTEGER startOffset; LARGE_INTEGER newOffset; @@ -292,7 +296,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void PutBoot (ft, (unsigned char *) sector); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; /* fat32 boot area */ @@ -301,7 +305,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void /* fsinfo */ PutFSInfo((unsigned char *) sector, ft); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; /* reserved */ @@ -311,7 +315,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void sector[508+3]=0xaa; /* TrailSig */ sector[508+2]=0x55; if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } @@ -319,12 +323,12 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void memset (sector, 0, ft->sector_size); PutBoot (ft, (unsigned char *) sector); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; PutFSInfo((unsigned char *) sector, ft); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } @@ -333,7 +337,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void { memset (sector, 0, ft->sector_size); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } @@ -377,7 +381,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void } if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } } @@ -388,7 +392,7 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void { memset (sector, 0, ft->sector_size); if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } @@ -452,10 +456,19 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void while (x--) { if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } - UpdateProgressBar ((nSecNo - startSector) * ft->sector_size); + + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + volParams->progress_callback ((nSecNo - startSector) * ft->sector_size, volParams->progress_callback_user_data); + } + else + { + UpdateProgressBar ((nSecNo - startSector) * ft->sector_size); + } if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) { @@ -498,16 +511,44 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void nSecNo++; num_sectors -= nSkipSectors; - if (UpdateProgressBar ((nSecNo - startSector)* ft->sector_size)) - goto fail; + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + if (!volParams->progress_callback ((nSecNo - startSector) * ft->sector_size, volParams->progress_callback_user_data)) + { + goto fail; + } + } + else + { + if (UpdateProgressBar ((nSecNo - startSector)* ft->sector_size)) + goto fail; + } + } nSecNo += num_sectors; - UpdateProgressBar ((nSecNo - startSector)* ft->sector_size); + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + volParams->progress_callback ((nSecNo - startSector) * ft->sector_size, volParams->progress_callback_user_data); + } + else + { + UpdateProgressBar ((nSecNo - startSector)* ft->sector_size); + } } else { - UpdateProgressBar ((uint64) ft->num_sectors * ft->sector_size); + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + volParams->progress_callback ((uint64) ft->num_sectors * ft->sector_size, volParams->progress_callback_user_data); + } + else + { + UpdateProgressBar ((uint64) ft->num_sectors * ft->sector_size); + } if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) goto fail; diff --git a/src/Common/Fat.h b/src/Common/Fat.h index fb61f982..c3391bb4 100644 --- a/src/Common/Fat.h +++ b/src/Common/Fat.h @@ -66,4 +66,4 @@ struct msdos_boot_sector void GetFatParams ( fatparams *ft ); void PutBoot ( fatparams *ft , unsigned char *boot ); -int FormatFat (void* hwndDlg, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat, BOOL bDevice); +int FormatFat (void* hwndDlg, unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, volatile void *); diff --git a/src/Common/Format.c b/src/Common/Format.c index 091215b9..e1531c47 100644 --- a/src/Common/Format.c +++ b/src/Common/Format.c @@ -349,12 +349,15 @@ begin_format: if (!SetPrivilege(SE_MANAGE_VOLUME_NAME, TRUE)) { DWORD dwLastError = GetLastError(); +#ifndef VCSDK_DLL if (!IsAdmin () && IsUacSupported ()) { speedupFileCreation = TRUE; delayedSpeedupFileCreation = TRUE; } - else if (Silent || (MessageBoxW(hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME"), lpszTitle, MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2) == IDNO)) + else +#endif + if (Silent || (MessageBoxW(hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME"), lpszTitle, MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2) == IDNO)) { SetLastError(dwLastError); nStatus = ERR_OS_ERROR; @@ -421,6 +424,7 @@ begin_format: if (speedupFileCreation) { +#ifndef VCSDK_DLL // accelerate file creation by telling Windows not to fill all file content with zeros // this has security issues since it will put existing disk content into file container // We use this mechanism only when switch /fastCreateFile specific and when quick format @@ -460,7 +464,9 @@ begin_format: goto error; } } - else if (!SetFileValidData (dev, volumeSize.QuadPart)) + else +#endif + if (!SetFileValidData (dev, volumeSize.QuadPart)) { nStatus = ERR_OS_ERROR; goto error; @@ -579,7 +585,7 @@ begin_format: goto error; } - nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, volParams->quickFormat, volParams->bDevice); + nStatus = FormatNoFs (hwndDlg, startSector, num_sectors, dev, cryptoInfo, volParams); if (volParams->bDevice) StopFormatWriteThread(); @@ -604,7 +610,7 @@ begin_format: ft.cluster_size = volParams->clusterSize; memcpy (ft.volume_name, "NO NAME ", 11); GetFatParams (&ft); - *(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize; + if (volParams->realClusterSize ) *(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize; if (volParams->bDevice && !StartFormatWriteThread()) { @@ -612,7 +618,7 @@ begin_format: goto error; } - nStatus = FormatFat (hwndDlg, startSector, &ft, (void *) dev, cryptoInfo, volParams->quickFormat, volParams->bDevice); + nStatus = FormatFat (hwndDlg, startSector, &ft, (void *) dev, cryptoInfo, volParams); if (volParams->bDevice) StopFormatWriteThread(); @@ -832,11 +838,12 @@ error: retCode = ExternalFormatFs (driveNo, volParams->clusterSize, fsType); if (retCode != 0) { - +#ifndef VCSDK_DLL /* fallback to using FormatEx function from fmifs.dll */ if (!Silent && !IsAdmin () && IsUacSupported ()) retCode = UacFormatFs (volParams->hwndDlg, driveNo, volParams->clusterSize, fsType); else +#endif retCode = FormatFs (driveNo, volParams->clusterSize, fsType, FALSE); /* no need to fallback to format.com since we have already tried it without elevation */ if (retCode != 0) @@ -888,7 +895,7 @@ fv_end: } -int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat, BOOL bDevice) +int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, volatile FORMAT_VOL_PARAMETERS *volParams) { int write_buf_cnt = 0; char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf; @@ -899,6 +906,8 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num DWORD err; CRYPTOPP_ALIGN_DATA(16) char temporaryKey[MASTER_KEYDATA_SIZE]; CRYPTOPP_ALIGN_DATA(16) char originalK2[MASTER_KEYDATA_SIZE]; + BOOL quickFormat = volParams->quickFormat; + BOOL bDevice = volParams->bDevice; LARGE_INTEGER startOffset; LARGE_INTEGER newOffset; @@ -965,12 +974,21 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num while (num_sectors--) { if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo, startSector, - cryptoInfo) == FALSE) + cryptoInfo, volParams) == FALSE) goto fail; } - if (UpdateProgressBar ((nSecNo - startSector) * FormatSectorSize)) - return FALSE; + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + if (!volParams->progress_callback ((nSecNo - startSector) * FormatSectorSize, volParams->progress_callback_user_data)) + goto fail; + } + else + { + if (UpdateProgressBar ((nSecNo - startSector) * FormatSectorSize)) + goto fail; + } if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo)) goto fail; @@ -1002,8 +1020,17 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num nSecNo++; num_sectors -= nSkipSectors; - if (UpdateProgressBar ((nSecNo - startSector)* FormatSectorSize)) - goto fail; + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + if (!volParams->progress_callback ((nSecNo - startSector) * FormatSectorSize, volParams->progress_callback_user_data)) + goto fail; + } + else + { + if (UpdateProgressBar ((nSecNo - startSector)* FormatSectorSize)) + goto fail; + } } nSecNo += num_sectors; @@ -1013,7 +1040,15 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num nSecNo += num_sectors; } - UpdateProgressBar ((nSecNo - startSector) * FormatSectorSize); + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + volParams->progress_callback ((nSecNo - startSector) * FormatSectorSize, volParams->progress_callback_user_data); + } + else + { + UpdateProgressBar ((nSecNo - startSector) * FormatSectorSize); + } // Restore the original secondary key (XTS mode) in case NTFS format fails and the user wants to try FAT immediately memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2)); @@ -1341,7 +1376,7 @@ int ExternalFormatFs (int driveNo, int clusterSize, int fsType) BOOL WriteSector (void *dev, char *sector, char *write_buf, int *write_buf_cnt, - unsigned __int64 *nSecNo, unsigned __int64 startSector, PCRYPTO_INFO cryptoInfo) + unsigned __int64 *nSecNo, unsigned __int64 startSector, PCRYPTO_INFO cryptoInfo, volatile FORMAT_VOL_PARAMETERS *volParams) { static __int32 updateTime = 0; @@ -1355,8 +1390,19 @@ BOOL WriteSector (void *dev, char *sector, if (GetTickCount () - updateTime > 25) { - if (UpdateProgressBar ((*nSecNo - startSector) * FormatSectorSize)) - return FALSE; + if (volParams->progress_callback) + { + // Call the progress callback function if it is set + if (!volParams->progress_callback ((*nSecNo - startSector) * FormatSectorSize, volParams->progress_callback_user_data)) + { + return FALSE; + } + } + else + { + if (UpdateProgressBar ((*nSecNo - startSector) * FormatSectorSize)) + return FALSE; + } updateTime = GetTickCount (); } diff --git a/src/Common/Format.h b/src/Common/Format.h index 85f3b180..fb167a22 100644 --- a/src/Common/Format.h +++ b/src/Common/Format.h @@ -46,6 +46,8 @@ typedef struct HWND hwndDlg; BOOL bForceOperation; BOOL bGuiMode; + BOOL (__cdecl *progress_callback)(unsigned __int64 bytesProcessed, void* cbData); + void* progress_callback_user_data; } FORMAT_VOL_PARAMETERS; @@ -80,12 +82,11 @@ int FormatFs (int driveNo, int clusterSize, int fsType, BOOL bFallBackExternal); int ExternalFormatFs (int driveNo, int clusterSize, int fsType); LPCWSTR FormatExGetMessage (int command); uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize); -int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num_sectors, void *dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat, BOOL bDevice); -BOOL WriteSector ( void *dev , char *sector , char *write_buf , int *write_buf_cnt , unsigned __int64 *nSecNo , unsigned __int64 startSector, PCRYPTO_INFO cryptoInfo ); +int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num_sectors, void *dev, PCRYPTO_INFO cryptoInfo, volatile FORMAT_VOL_PARAMETERS *volParams); +BOOL WriteSector ( void *dev , char *sector , char *write_buf , int *write_buf_cnt , unsigned __int64 *nSecNo , unsigned __int64 startSector, PCRYPTO_INFO cryptoInfo, volatile FORMAT_VOL_PARAMETERS *volParams); BOOL FlushFormatWriteBuffer (void *dev, char *write_buf, int *write_buf_cnt, __int64 *nSecNo, PCRYPTO_INFO cryptoInfo); static BOOL StartFormatWriteThread (); static void StopFormatWriteThread (); -BOOL MoveFilePointer (HANDLE dev, LARGE_INTEGER offset); #define FILESYS_NONE 0 #define FILESYS_FAT 1 diff --git a/src/Common/Language.c b/src/Common/Language.c index 478da149..fbe1955b 100644 --- a/src/Common/Language.c +++ b/src/Common/Language.c @@ -250,6 +250,10 @@ static BOOL LoadLanguageData (int resourceid, BOOL bForceSetPreferredLanguage, B int headers[] = { IDR_COMMON_RSRC_HEADER, IDR_SETUP_RSRC_HEADER, 0 }; #endif +#ifdef VCSDK_DLL + int headers[] = { 0 }; +#endif + LocalizationActive = FALSE; ActiveLangPackVersion[0] = 0; ClearDictionaryPool (); diff --git a/src/Common/Random.c b/src/Common/Random.c index e02702a5..c7708c00 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -129,8 +129,11 @@ int RandinitWithCheck ( int* pAlreadyInitialized) VirtualLock (pRandPool, RANDOMPOOL_ALLOCSIZE); } +#ifndef VCSDK_DLL bIgnoreHookError = IsThreadInSecureDesktop(GetCurrentThreadId()); - +#else + bIgnoreHookError = TRUE; +#endif hKeyboard = SetWindowsHookEx (WH_KEYBOARD, (HOOKPROC)&KeyboardProc, NULL, GetCurrentThreadId ()); if (hKeyboard == 0 && !bIgnoreHookError) handleWin32Error (0, SRC_POS); diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c index 1081828e..2e75cbfd 100644 --- a/src/Format/InPlace.c +++ b/src/Format/InPlace.c @@ -2177,39 +2177,6 @@ BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId newWipeAlgorithm, return SaveBufferToFile (str, GetConfigPath (TC_APPD_FILENAME_NONSYS_INPLACE_ENC), (DWORD) strlen(str), FALSE, FALSE); } -// This function moves the file pointer to the given offset. It first retrieves the current -// file position using SetFilePointerEx() with FILE_CURRENT as the reference point, and then -// calculates the difference between the current position and the desired position. Subsequently, -// it moves the file pointer by the difference calculated using SetFilePointerEx() again. -// -// This approach of moving the file pointer relatively (instead of absolutely) was implemented -// as a workaround to address the performance issues related to in-place encryption. When using -// SetFilePointerEx() with FILE_BEGIN as the reference point, reaching the end of large drives -// during in-place encryption can cause significant slowdowns. By moving the file pointer -// relatively, these performance issues are mitigated. -// -// We fall back to absolute positioning if the relative positioning fails. -BOOL MoveFilePointer (HANDLE dev, LARGE_INTEGER offset) -{ - LARGE_INTEGER currOffset; - LARGE_INTEGER diffOffset; - - currOffset.QuadPart = 0; - if (SetFilePointerEx (dev, currOffset, &currOffset, FILE_CURRENT)) - { - diffOffset.QuadPart = offset.QuadPart - currOffset.QuadPart; - if (diffOffset.QuadPart == 0) - return TRUE; - - // Moves the file pointer by the difference between current and desired positions - if (SetFilePointerEx (dev, diffOffset, NULL, FILE_CURRENT)) - return TRUE; - } - - // An error occurred, fallback to absolute positioning - return SetFilePointerEx (dev, offset, NULL, FILE_BEGIN); -} - // Repairs damaged sectors (i.e. those with read errors) by zeroing them. // Note that this operating fails if there are any write errors. int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount) diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index 3f552949..168d88e0 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -304,6 +304,58 @@ vector DeferredNonSysInPlaceEncDevices; int iMaxPasswordLength = MAX_PASSWORD; +void WipePasswordsAndKeyfiles(bool bFull) +{ + wchar_t tmp[MAX_PASSWORD + 1]; + + // Attempt to wipe passwords stored in the input field buffers + wmemset(tmp, L'X', MAX_PASSWORD); + tmp[MAX_PASSWORD] = 0; + if (hPasswordInputField) + SetWindowText(hPasswordInputField, tmp); + if (hVerifyPasswordInputField) + SetWindowText(hVerifyPasswordInputField, tmp); + + burn(&szVerify[0], sizeof(szVerify)); + burn(&volumePassword, sizeof(volumePassword)); + burn(&szRawPassword[0], sizeof(szRawPassword)); + burn(&volumePim, sizeof(volumePim)); + burn(&CmdVolumePassword, sizeof(CmdVolumePassword)); + burn(&CmdVolumePim, sizeof(CmdVolumePim)); + + if (bFull) + { + burn(&outerVolumePassword, sizeof(outerVolumePassword)); + burn(&outerVolumePim, sizeof(outerVolumePim)); + } + + if (hPasswordInputField) + SetWindowText(hPasswordInputField, L""); + if (hVerifyPasswordInputField) + SetWindowText(hVerifyPasswordInputField, L""); + + KeyFileRemoveAll(&FirstKeyFile); + KeyFileRemoveAll(&defaultKeyFilesParam.FirstKeyFile); +} + +DWORD GetFormatSectorSize() +{ + if (!bDevice) + return TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; + + DISK_GEOMETRY_EX geometry; + + if (!GetDriveGeometry(szDiskFile, &geometry)) + { + handleWin32Error(MainDlg, SRC_POS); + AbortProcessSilent(); + } + + return geometry.Geometry.BytesPerSector; +} + +#ifndef VCSDK_DLL + // specific definitions and implementation for support of resume operation // in wait dialog mechanism @@ -414,40 +466,6 @@ static BOOL ElevateWholeWizardProcess (wstring arguments) } } -static void WipePasswordsAndKeyfiles (bool bFull) -{ - wchar_t tmp[MAX_PASSWORD+1]; - - // Attempt to wipe passwords stored in the input field buffers - wmemset (tmp, L'X', MAX_PASSWORD); - tmp [MAX_PASSWORD] = 0; - if (hPasswordInputField) - SetWindowText (hPasswordInputField, tmp); - if (hVerifyPasswordInputField) - SetWindowText (hVerifyPasswordInputField, tmp); - - burn (&szVerify[0], sizeof (szVerify)); - burn (&volumePassword, sizeof (volumePassword)); - burn (&szRawPassword[0], sizeof (szRawPassword)); - burn (&volumePim, sizeof (volumePim)); - burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); - burn (&CmdVolumePim, sizeof (CmdVolumePim)); - - if (bFull) - { - burn (&outerVolumePassword, sizeof (outerVolumePassword)); - burn (&outerVolumePim, sizeof (outerVolumePim)); - } - - if (hPasswordInputField) - SetWindowText (hPasswordInputField, L""); - if (hVerifyPasswordInputField) - SetWindowText (hVerifyPasswordInputField, L""); - - KeyFileRemoveAll (&FirstKeyFile); - KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); -} - static void localcleanup (void) { wchar_t tmp[RANDPOOL_DISPLAY_SIZE+1]; @@ -10661,20 +10679,4 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz return 0; } - - -static DWORD GetFormatSectorSize () -{ - if (!bDevice) - return TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; - - DISK_GEOMETRY_EX geometry; - - if (!GetDriveGeometry (szDiskFile, &geometry)) - { - handleWin32Error (MainDlg, SRC_POS); - AbortProcessSilent(); - } - - return geometry.Geometry.BytesPerSector; -} +#endif \ No newline at end of file diff --git a/src/Format/Tcformat.h b/src/Format/Tcformat.h index ac51fc69..3a058672 100644 --- a/src/Format/Tcformat.h +++ b/src/Format/Tcformat.h @@ -78,7 +78,7 @@ static void WipeAbort (void); static void UpdateWipeProgressBar (void); static void InitWipeProgressBar (void); static void UpdateWipeControls (void); -static DWORD GetFormatSectorSize (); +DWORD GetFormatSectorSize (); extern BOOL showKeys; extern volatile HWND hMasterKey; diff --git a/src/FormatDLL/FormatDLL.vcxproj b/src/FormatDLL/FormatDLL.vcxproj new file mode 100644 index 00000000..15188791 --- /dev/null +++ b/src/FormatDLL/FormatDLL.vcxproj @@ -0,0 +1,291 @@ + + + + + Debug + ARM64 + + + Release + ARM64 + + + Debug + x64 + + + Release + x64 + + + + + true + true + true + true + + + + true + true + true + true + + + true + true + true + true + + + + + + CompileAsCpp + CompileAsCpp + CompileAsCpp + CompileAsCpp + + + CompileAsCpp + CompileAsCpp + CompileAsCpp + CompileAsCpp + + + + + + + + + + CompileAsCpp + CompileAsCpp + CompileAsCpp + CompileAsCpp + false + false + false + false + + + + + + + false + false + false + false + + + + + + + + + + + + + + + + + + CompileAsCpp + CompileAsCpp + CompileAsCpp + CompileAsCpp + + + + + + + + 17.0 + Win32Proj + {ed4d0684-b0cf-4698-8487-3f3b314422e9} + FormatDLL + 10.0 + + + + DynamicLibrary + true + v143 + Unicode + true + + + DynamicLibrary + true + v143 + Unicode + true + + + DynamicLibrary + false + v143 + true + Unicode + Spectre + + + DynamicLibrary + false + v143 + true + Unicode + Spectre + + + + + + + + + + + + + + + + + + + + + VeraCryptFormat + + + VeraCryptFormat + + + VeraCryptFormat + + + VeraCryptFormat + + + + Level3 + true + VCSDK_DLL;_DEBUG;VCSDK_EXPORTS;_WINDOWS;_USRDLL;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS%(PreprocessorDefinitions) + Default + NotUsing + + + ..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;..\Common\lzma;%(AdditionalIncludeDirectories) + ProgramDatabase + MultiThreadedDebug + + + Windows + true + false + ..\Crypto\x64\Debug\crypto.lib;..\Common\x64\Debug\Zip.lib;mpr.lib;%(AdditionalDependencies) + + + md "..\Debug\SDK Files\x64" 2>NUL: +copy $(TargetPath) "..\Debug\SDK Files\x64\VeraCryptFormat.dll" +copy $(TargetPath) "..\Debug\SDK Files\x64\VeraCryptFormat.lib" +copy VeraCryptFormatSDK.h "..\Debug\SDK Files\VeraCryptFormatSDK.h" + + + + + Level3 + true + VCSDK_DLL;_DEBUG;VCSDK_EXPORTS;_WINDOWS;_USRDLL;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS%(PreprocessorDefinitions) + Default + NotUsing + + + ..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;..\Common\lzma;%(AdditionalIncludeDirectories) + ProgramDatabase + MultiThreadedDebug + + + Windows + true + false + ..\Crypto\arm64\Debug\crypto.lib;..\Common\arm64\Debug\Zip.lib;mpr.lib;%(AdditionalDependencies) + + + md "..\Debug\SDK Files\arm64" 2>NUL: +copy $(TargetPath) "..\Debug\SDK Files\arm64\VeraCryptFormat.dll" +copy $(TargetPath) "..\Debug\SDK Files\arm64\VeraCryptFormat.lib" +copy VeraCryptFormatSDK.h "..\Debug\SDK Files\VeraCryptFormatSDK.h" + + + + + Level3 + true + true + true + VCSDK_DLL;NDEBUG;VCSDK_EXPORTS;_WINDOWS;_USRDLL;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS;%(PreprocessorDefinitions) + Default + NotUsing + + + ..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;..\Common\lzma;%(AdditionalIncludeDirectories) + MultiThreaded + + + Windows + true + true + true + false + ..\Crypto\x64\Release\crypto.lib;..\Common\x64\Release\Zip.lib;mpr.lib;%(AdditionalDependencies) + + + md "..\Release\SDK Files\x64" 2>NUL: +copy $(TargetPath) "..\Release\SDK Files\x64\VeraCryptFormat.dll" +copy $(TargetPath) "..\Release\SDK Files\x64\VeraCryptFormat.lib" +copy VeraCryptFormatSDK.h "..\Release\SDK Files\VeraCryptFormatSDK.h" + + + + + + Level3 + true + true + true + VCSDK_DLL;NDEBUG;VCSDK_EXPORTS;_WINDOWS;_USRDLL;_WINDOWS;_CRT_SECURE_NO_DEPRECATE;_CRT_NON_CONFORMING_SWPRINTFS;%(PreprocessorDefinitions) + Default + NotUsing + + + ..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;..\Common\lzma;%(AdditionalIncludeDirectories) + MultiThreaded + + + Windows + true + true + true + false + ..\Crypto\arm64\Release\crypto.lib;..\Common\arm64\Release\Zip.lib;mpr.lib;%(AdditionalDependencies) + + + md "..\Release\SDK Files\arm64" 2>NUL: +copy $(TargetPath) "..\Release\SDK Files\arm64\VeraCryptFormat.dll" +copy $(TargetPath) "..\Release\SDK Files\arm64\VeraCryptFormat.lib" +copy VeraCryptFormatSDK.h "..\Release\SDK Files\VeraCryptFormatSDK.h" + + + + + + \ No newline at end of file diff --git a/src/FormatDLL/FormatDLL.vcxproj.filters b/src/FormatDLL/FormatDLL.vcxproj.filters new file mode 100644 index 00000000..c767c03e --- /dev/null +++ b/src/FormatDLL/FormatDLL.vcxproj.filters @@ -0,0 +1,144 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + {30ee2663-9bf7-4e14-8331-09f652ef9ca0} + + + + + Source Files + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files\Common + + + Source Files + + + + + Header Files + + + \ No newline at end of file diff --git a/src/FormatDLL/VeraCryptFormatSDK.cpp b/src/FormatDLL/VeraCryptFormatSDK.cpp new file mode 100644 index 00000000..515d9e55 --- /dev/null +++ b/src/FormatDLL/VeraCryptFormatSDK.cpp @@ -0,0 +1,401 @@ +/* + * VeraCrypt Format SDK + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file provides a C-style DLL interface for creating VeraCrypt file containers + * and formatting non-system partitions. It serves as a headless, thread-safe wrapper + * around the core logic from Tcformat.c and related VeraCrypt source files. + * + * First created by Mounir IDRASSI (mounir.idrassi@amcrypto.jp) + * + */ + +#include "Tcdefs.h" +#include +#include +#include +#include +#include + +#include "Dlgcode.h" +#include "Crypto.h" +#include "Apidrvr.h" +#include "Common/Common.h" +#include "Common/Dictionary.h" +#include "Common/Pkcs5.h" +#include "Platform/Finally.h" +#include "Random.h" +#include "Format.h" +#include "Volumes.h" +#include "Keyfiles.h" +#include "Password.h" +#include "Tests.h" +#include "Wipe.h" +#include "VeraCryptFormatSdk.h" + + +// Global variables from Tcformat.c we need to control +extern BOOL bDevice; +extern unsigned __int64 nVolumeSize; +extern int nVolumeEA; +extern int hash_algo; +extern int volumePim; +extern volatile int fileSystem; +extern volatile int clusterSize; +extern volatile BOOL quickFormat; +extern volatile BOOL fastCreateFile; +extern volatile BOOL dynamicFormat; +extern Password volumePassword; +extern KeyFile *FirstKeyFile; +extern wchar_t szDiskFile[TC_MAX_PATH+1]; +extern HINSTANCE hInst; +extern BOOL bGuiMode; + +// Core formatting function from Format.c +int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams); + +// Helper functions from other parts of VeraCrypt +void WipePasswordsAndKeyfiles (bool bFull); +int DriverAttach (); +BOOL AutoTestAlgorithms(); +extern "C" DWORD GetFormatSectorSize(); +void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine); +void cleanup (); + +// Global mutex to ensure that volume creation operations are serialized, +// as the underlying code uses extensive global state. +static std::mutex g_sdkMutex; +static std::atomic g_isInitialized = false; +static HINSTANCE g_hDllInstance = NULL; + +// Helper to map string representations to internal VeraCrypt EA IDs +static int MapEncryptionAlgorithm(const wchar_t* algoName) +{ + if (!algoName) return 0; + wchar_t buf[100]; + for (int ea = EAGetFirst(); ea != 0; ea = EAGetNext(ea)) + { + if (EAIsFormatEnabled(ea) && _wcsicmp(algoName, EAGetName(buf, ARRAYSIZE(buf), ea, 1)) == 0) + { + return ea; + } + } + return 0; // Not found +} + +// Helper to map string representations to internal VeraCrypt Hash IDs +static int MapHashAlgorithm(const wchar_t* hashName) +{ + if (!hashName) return 0; + for (int id = FIRST_PRF_ID; id <= LAST_PRF_ID; ++id) + { + if (!HashIsDeprecated(id) && _wcsicmp(hashName, HashGetName(id)) == 0) + { + return id; + } + } + // Check for aliases + if (_wcsicmp(hashName, L"BLAKE2s") == 0) return BLAKE2S; + if (_wcsicmp(hashName, L"sha256") == 0) return SHA256; + if (_wcsicmp(hashName, L"sha512") == 0) return SHA512; + return 0; // Not found +} + +// Helper to map string representations to internal VeraCrypt Filesystem IDs +static int MapFilesystem(const wchar_t* fsName) +{ + if (!fsName || _wcsicmp(fsName, L"None") == 0) return FILESYS_NONE; + if (_wcsicmp(fsName, L"FAT") == 0) return FILESYS_FAT; + if (_wcsicmp(fsName, L"NTFS") == 0) return FILESYS_NTFS; + if (_wcsicmp(fsName, L"ExFAT") == 0) return FILESYS_EXFAT; + if (IsOSVersionAtLeast(WIN_10, 0) && _wcsicmp(fsName, L"ReFS") == 0) return FILESYS_REFS; + return -1; // Invalid filesystem +} + +struct SdkProgressContext +{ + VeraCrypt_Progress_Callback UserCallback; + uint64_t TotalSize; + void* UserData; +}; + +// This function is intended to be called by the internal TCFormatVolume function. +// It translates the progress into a percentage and calls the user-provided callback. +static BOOL __cdecl SdkProgressCallback(unsigned __int64 bytesProcessed, void* cbData) +{ + if (!cbData) return FALSE; + + SdkProgressContext* context = static_cast(cbData); + if (context->UserCallback && context->TotalSize > 0) + { + int percentage = static_cast((bytesProcessed * 100) / context->TotalSize); + if (percentage > 100) percentage = 100; + + return context->UserCallback(percentage, context->UserData); + } + + return TRUE; +} + +// The core implementation of the volume creation logic. Not exported. +static int CreateVolumeInternal(const VeraCryptFormatOptions* options) +{ + // --- Parameter validation --- + if (!options || !options->path || wcslen(options->path) == 0) return VCF_ERROR_INVALID_PARAMETER; + if (!options->password && (options->keyfiles == nullptr || options->keyfiles[0] == nullptr)) return VCF_ERROR_PASSWORD_OR_KEYFILE_REQUIRED; + if (!options->isDevice && (options->dynamicFormat || options->fastCreateFile) && options->quickFormat == FALSE) return VCF_ERROR_INVALID_PARAMETER; + if (options->isDevice && (options->dynamicFormat || options->fastCreateFile)) return VCF_ERROR_INVALID_PARAMETER; + + // Lock the mutex to protect the global state used by VeraCrypt's format code + std::lock_guard lock(g_sdkMutex); + + // Use a finally block to ensure cleanup of globals and memory + finally_do({ + // Clean up all sensitive data from globals + WipePasswordsAndKeyfiles(true); + // Reset globals to default state + KeyFileRemoveAll(&FirstKeyFile); + FirstKeyFile = nullptr; + bDevice = FALSE; + nVolumeSize = 0; + nVolumeEA = 1; + hash_algo = DEFAULT_HASH_ALGORITHM; + volumePim = 0; + fileSystem = FILESYS_NONE; + clusterSize = 0; + quickFormat = FALSE; + fastCreateFile = FALSE; + dynamicFormat = FALSE; + szDiskFile[0] = L'\0'; + }); + + + // --- Setup VeraCrypt's global state from our options struct --- + bDevice = options->isDevice; + nVolumeSize = options->size; + + nVolumeEA = MapEncryptionAlgorithm(options->encryptionAlgorithm); + if (nVolumeEA == 0) return VCF_ERROR_INVALID_ENCRYPTION_ALGORITHM; + + hash_algo = MapHashAlgorithm(options->hashAlgorithm); + if (hash_algo == 0) return VCF_ERROR_INVALID_HASH_ALGORITHM; + + fileSystem = MapFilesystem(options->filesystem); + if (fileSystem == -1) return VCF_ERROR_INVALID_FILESYSTEM; + + volumePim = options->pim; + quickFormat = options->quickFormat; + fastCreateFile = options->fastCreateFile; + dynamicFormat = options->dynamicFormat; + clusterSize = options->clusterSize; + + if(dynamicFormat || fastCreateFile) quickFormat = TRUE; + + if (options->password) + { + if (!CheckPasswordLength(NULL, (int)strlen(options->password), options->pim, FALSE, 0, TRUE, TRUE)) + { + return VCF_ERROR_PASSWORD_POLICY; + } + strcpy_s((char*)volumePassword.Text, sizeof(volumePassword.Text), options->password); + volumePassword.Length = (unsigned __int32)strlen(options->password); + } + else + { + volumePassword.Text[0] = 0; + volumePassword.Length = 0; + } + + // --- Handle Keyfiles --- + FirstKeyFile = nullptr; + if (options->keyfiles) + { + for (int i = 0; options->keyfiles[i] != nullptr; ++i) + { + KeyFile* kf = (KeyFile*)malloc(sizeof(KeyFile)); + if (!kf) + { + KeyFileRemoveAll(&FirstKeyFile); + return VCF_ERROR_OUT_OF_MEMORY; + } + StringCbCopyW(kf->FileName, sizeof(kf->FileName), options->keyfiles[i]); + FirstKeyFile = KeyFileAdd(FirstKeyFile, kf); + } + } + + if (!KeyFilesApply(NULL, &volumePassword, FirstKeyFile, NULL)) + { + return VCF_ERROR_KEYFILE_ERROR; + } + + // --- Prepare for TCFormatVolume --- + StringCbCopyW(szDiskFile, sizeof(szDiskFile), options->path); + + // --- Perform Validation (ported from Tcformat.c) --- + if (bDevice) + { + nVolumeSize = GetDeviceSize(szDiskFile); + if (nVolumeSize == (uint64_t)-1) return VCF_ERROR_CANNOT_GET_DEVICE_SIZE; + } + else // For file containers + { + if (nVolumeSize % TC_SECTOR_SIZE_FILE_HOSTED_VOLUME != 0) return VCF_ERROR_INVALID_VOLUME_SIZE; + if (nVolumeSize < TC_MIN_VOLUME_SIZE) return VCF_ERROR_VOLUME_SIZE_TOO_SMALL; + + if (!dynamicFormat) + { + wchar_t root[TC_MAX_PATH]; + ULARGE_INTEGER freeSpace; + if (GetVolumePathName(szDiskFile, root, ARRAYSIZE(root)) && GetDiskFreeSpaceEx(root, &freeSpace, 0, 0)) + { + if (nVolumeSize > freeSpace.QuadPart) return VCF_ERROR_CONTAINER_TOO_LARGE_FOR_HOST; + } + } + } + + // Validate filesystem choice against volume size + uint64_t dataAreaSize = GetVolumeDataAreaSize(FALSE, nVolumeSize); + DWORD sectorSize = bDevice ? GetFormatSectorSize() : TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; + if (fileSystem == FILESYS_NTFS && (dataAreaSize < TC_MIN_NTFS_FS_SIZE || dataAreaSize > TC_MAX_NTFS_FS_SIZE)) + return VCF_ERROR_FILESYSTEM_INVALID_FOR_SIZE; + if (fileSystem == FILESYS_FAT && (dataAreaSize < TC_MIN_FAT_FS_SIZE || dataAreaSize > (TC_MAX_FAT_SECTOR_COUNT * sectorSize))) + return VCF_ERROR_FILESYSTEM_INVALID_FOR_SIZE; + if (fileSystem == FILESYS_EXFAT && (dataAreaSize < TC_MIN_EXFAT_FS_SIZE || dataAreaSize > TC_MAX_EXFAT_FS_SIZE)) + return VCF_ERROR_FILESYSTEM_INVALID_FOR_SIZE; + if (fileSystem == FILESYS_REFS && (dataAreaSize < TC_MIN_REFS_FS_SIZE || dataAreaSize > TC_MAX_REFS_FS_SIZE)) + return VCF_ERROR_FILESYSTEM_INVALID_FOR_SIZE; + + + // --- Prepare parameters for the core formatting function --- + FORMAT_VOL_PARAMETERS volParams = { 0 }; + volParams.bDevice = bDevice; + volParams.hiddenVol = FALSE; // SDK does not support hidden volumes + volParams.volumePath = szDiskFile; + volParams.size = nVolumeSize; + volParams.ea = nVolumeEA; + volParams.pkcs5 = hash_algo; + volParams.fileSystem = fileSystem; + volParams.clusterSize = clusterSize; + volParams.quickFormat = quickFormat; + volParams.fastCreateFile = fastCreateFile; + volParams.sparseFileSwitch = dynamicFormat; + volParams.sectorSize = sectorSize; + volParams.password = &volumePassword; + volParams.pim = volumePim; + volParams.bGuiMode = FALSE; + volParams.hwndDlg = NULL; + volParams.bForceOperation = TRUE; + + // Setup progress callback + SdkProgressContext progressCtx = { 0 }; + if (options->progressCallback) + { + progressCtx.UserCallback = options->progressCallback; + progressCtx.UserData = options->progressUserData; + progressCtx.TotalSize = GetVolumeDataAreaSize(FALSE, nVolumeSize); + + volParams.progress_callback = SdkProgressCallback; + volParams.progress_callback_user_data = &progressCtx; + } + + // --- Call the core function --- + RandSetHashFunction(hash_algo); + int status = TCFormatVolume(&volParams); + + // --- Return result --- + if (status == ERR_SUCCESS) return VCF_SUCCESS; + + // Map internal errors to public SDK errors + switch (status) + { + case ERR_OUTOFMEMORY: return VCF_ERROR_OUT_OF_MEMORY; + case ERR_OS_ERROR: + { + DWORD lastError = GetLastError(); + if (lastError == ERROR_ACCESS_DENIED) return VCF_ERROR_ACCESS_DENIED; + return VCF_ERROR_OS_ERROR; + } + case ERR_USER_ABORT: return VCF_ERROR_USER_ABORT; + default: return VCF_ERROR_GENERIC; + } +} + + +// --- Public DLL Exported Functions --- + +extern "C" +{ + VCF_API int __cdecl VeraCryptFormat_Initialize() + { + std::lock_guard lock(g_sdkMutex); + if (g_isInitialized) + { + return VCF_SUCCESS; + } + Silent = TRUE; // We don't want UI + bGuiMode = FALSE; // Ensure GUI mode is off + InitApp(g_hDllInstance, L""); + + if (DriverAttach() != 0) return VCF_ERROR_NO_DRIVER; + if (!AutoTestAlgorithms()) { cleanup(); return VCF_ERROR_SELF_TEST_FAILED; } + if (Randinit()) { cleanup(); return VCF_ERROR_RNG_INIT_FAILED; } + + g_isInitialized = true; + return VCF_SUCCESS; + } + + VCF_API void __cdecl VeraCryptFormat_Shutdown() + { + std::lock_guard lock(g_sdkMutex); + if (g_isInitialized) + { + RandStop(TRUE); + cleanup(); + g_isInitialized = false; + } + } + + VCF_API int __cdecl VeraCryptFormat(const VeraCryptFormatOptions* options) + { + if (!g_isInitialized) + { + return VCF_ERROR_NOT_INITIALIZED; + } + + // The internal function handles all logic and thread safety. + return CreateVolumeInternal(options); + } + + BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) + { + switch (fdwReason) + { + case DLL_PROCESS_ATTACH: + g_hDllInstance = hinstDLL; + break; + + case DLL_THREAD_ATTACH: + case DLL_THREAD_DETACH: + break; + + case DLL_PROCESS_DETACH: + if (g_isInitialized) + { + VeraCryptFormat_Shutdown(); + } + break; + } + return TRUE; + } +} \ No newline at end of file diff --git a/src/FormatDLL/VeraCryptFormatSDK.h b/src/FormatDLL/VeraCryptFormatSDK.h new file mode 100644 index 00000000..2a107708 --- /dev/null +++ b/src/FormatDLL/VeraCryptFormatSDK.h @@ -0,0 +1,136 @@ +#pragma once + +#include + +#ifdef VCSDK_EXPORTS +#define VCF_API __declspec(dllexport) +#else +#define VCF_API __declspec(dllimport) +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +// --- Public Data Structures and Callbacks --- + +/** + * @brief Defines the parameters for creating a VeraCrypt volume. + */ +typedef struct _VeraCryptFormatOptions +{ + /** The full path to the file container to be created, or the device path (e.g., "\\.\PhysicalDrive1" or "\\.\HarddiskVolume1"). */ + const wchar_t* path; + + /** Set to TRUE if the path points to a device/partition, FALSE for a file container. */ + BOOL isDevice; + + /** The password for the new volume. Can be NULL if keyfiles are used. Must be UTF-8 encoded. */ + const char* password; + + /** A NULL-terminated array of wide-char strings, each being a full path to a keyfile. Set to NULL if no keyfiles are used. */ + const wchar_t** keyfiles; + + /** The Personal Iterations Multiplier (PIM). Use 0 for default PIM. */ + int pim; + + /** The size of the volume in bytes. This is only used for file containers (when isDevice is FALSE). Must be a multiple of 512. */ + uint64_t size; + + /** The encryption algorithm to use. E.g., L"AES", L"Serpent", L"Twofish", L"AES-Twofish-Serpent". */ + const wchar_t* encryptionAlgorithm; + + /** The header key derivation and random pool hash algorithm. E.g., L"SHA-512", L"RIPEMD-160", L"Whirlpool", L"BLAKE2s-256", L"SHA-256". */ + const wchar_t* hashAlgorithm; + + /** The filesystem for the new volume. E.g., L"NTFS", L"FAT", L"ExFAT", L"ReFS", or L"None". */ + const wchar_t* filesystem; + + /** The cluster size in sectors (e.g., 1, 2, 4, 8...). Use 0 for default. */ + int clusterSize; + + /** If TRUE, performs a quick format. This is faster but less secure as old data is not overwritten. */ + BOOL quickFormat; + + /** If TRUE, creates a dynamically-expanding (sparse) file container. Only for file containers. Implies quickFormat=TRUE. */ + BOOL dynamicFormat; + + /** If TRUE, creates a file container very quickly without waiting for random pool to be filled. Less secure. Only for file containers. Implies quickFormat=TRUE. */ + BOOL fastCreateFile; + + /** A callback function to receive progress updates. Can be NULL. It can return FALSE to abort the operation. */ + BOOL (CALLBACK *progressCallback)(int percentComplete, void* userData); + + /** User-defined data to be passed to the progress callback. */ + void* progressUserData; + +} VeraCryptFormatOptions; + +/** + * @brief Progress callback function pointer type. + * @param percentComplete The percentage of the format operation that is complete (0-100). + * @param userData The user-defined data pointer passed in VeraCryptFormatOptions. + * @return Returns TRUE to continue the operation, or FALSE to abort it. + */ +typedef BOOL (CALLBACK *VeraCrypt_Progress_Callback)(int percentComplete, void* userData); + + +// --- Public Error Codes --- +#define VCF_SUCCESS 0 +#define VCF_ERROR_GENERIC 1 // A generic or unknown error occurred. +#define VCF_ERROR_INVALID_PARAMETER 2 // An invalid parameter was passed (e.g. NULL path). +#define VCF_ERROR_PASSWORD_OR_KEYFILE_REQUIRED 3 // A password and/or keyfile must be provided. +#define VCF_ERROR_INVALID_ENCRYPTION_ALGORITHM 4 +#define VCF_ERROR_INVALID_HASH_ALGORITHM 5 +#define VCF_ERROR_INVALID_FILESYSTEM 6 +#define VCF_ERROR_PASSWORD_POLICY 7 // Password is too long or violates other policies. +#define VCF_ERROR_KEYFILE_ERROR 8 // Error reading or processing a keyfile. +#define VCF_ERROR_OUT_OF_MEMORY 9 +#define VCF_ERROR_OS_ERROR 10 // A Windows API call failed. +#define VCF_ERROR_CANNOT_GET_DEVICE_SIZE 11 +#define VCF_ERROR_VOLUME_SIZE_TOO_SMALL 12 +#define VCF_ERROR_RNG_INIT_FAILED 13 +#define VCF_ERROR_NO_DRIVER 14 // VeraCrypt driver is not running. +#define VCF_ERROR_SELF_TEST_FAILED 15 +#define VCF_ERROR_USER_ABORT 16 // Should not occur in SDK, but mapped for completeness. +#define VCF_ERROR_INITIALIZATION_FAILED 17 +#define VCF_ERROR_NOT_INITIALIZED 18 +#define VCF_ERROR_INVALID_VOLUME_SIZE 19 // e.g., not a multiple of sector size. +#define VCF_ERROR_FILESYSTEM_INVALID_FOR_SIZE 21 // The selected filesystem cannot be used for the given volume size. +#define VCF_ERROR_CONTAINER_TOO_LARGE_FOR_HOST 22 // The file container is larger than the available free space. +#define VCF_ERROR_ACCESS_DENIED 23 // The target path is read-only or cannot be created. + + +// --- Public API Functions --- + +/** + * @brief Initializes the VeraCrypt Format SDK. + * This function must be called once per process before any other SDK functions. + * It attaches to the VeraCrypt driver, runs self-tests, and seeds the RNG. + * This function is thread-safe. + * + * @return Returns VCF_SUCCESS (0) on success, or a non-zero VCF_ERROR_* code on failure. + */ +VCF_API int __cdecl VeraCryptFormat_Initialize(); + +/** + * @brief Shuts down the VeraCrypt Format SDK. + * Call this function when the SDK is no longer needed to release resources. + */ +VCF_API void __cdecl VeraCryptFormat_Shutdown(); + +/** + * @brief Creates a VeraCrypt volume (file container or formatted partition). + * This is the main entry point for the VeraCrypt Format SDK. + * This function is synchronous and will block until the format operation is complete. + * It is thread-safe, but operations are serialized internally. + * VeraCryptFormat_Initialize() must be called successfully before using this function. + * + * @param options A pointer to a VeraCryptFormatOptions struct containing all parameters for the operation. + * @return Returns VCF_SUCCESS (0) on success, or a non-zero VCF_ERROR_* code on failure. + */ +VCF_API int __cdecl VeraCryptFormat(const VeraCryptFormatOptions* options); + +#ifdef __cplusplus +} +#endif \ No newline at end of file diff --git a/src/VeraCrypt.sln b/src/VeraCrypt.sln index cae2ef7a..8497f57c 100644 --- a/src/VeraCrypt.sln +++ b/src/VeraCrypt.sln @@ -50,6 +50,12 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SetupDLL", "SetupDLL\SetupD {C8914211-32AC-4F48-ACD9-8212E8DE53F3} = {C8914211-32AC-4F48-ACD9-8212E8DE53F3} EndProjectSection EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "FormatDLL", "FormatDLL\FormatDLL.vcxproj", "{ED4D0684-B0CF-4698-8487-3F3B314422E9}" + ProjectSection(ProjectDependencies) = postProject + {6316EE71-0210-4CA4-BCC7-CFB7A3C090FC} = {6316EE71-0210-4CA4-BCC7-CFB7A3C090FC} + {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7} + EndProjectSection +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|ARM64 = Debug|ARM64 @@ -308,6 +314,26 @@ Global {ADD324E2-ADC8-402E-87EB-03E4E26B1B49}.ReleaseCustomEFI|Win32.Build.0 = ReleaseCustomEFI|Win32 {ADD324E2-ADC8-402E-87EB-03E4E26B1B49}.ReleaseCustomEFI|x64.ActiveCfg = ReleaseCustomEFI|Win32 {ADD324E2-ADC8-402E-87EB-03E4E26B1B49}.ReleaseCustomEFI|x64.Build.0 = ReleaseCustomEFI|Win32 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Debug|ARM64.ActiveCfg = Debug|ARM64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Debug|ARM64.Build.0 = Debug|ARM64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Debug|Win32.ActiveCfg = Debug|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Debug|x64.ActiveCfg = Debug|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Debug|x64.Build.0 = Debug|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release_SkipOsDriverReqCheck|ARM64.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release_SkipOsDriverReqCheck|ARM64.Build.0 = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release_SkipOsDriverReqCheck|Win32.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release_SkipOsDriverReqCheck|x64.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release_SkipOsDriverReqCheck|x64.Build.0 = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release|ARM64.ActiveCfg = Release|ARM64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release|ARM64.Build.0 = Release|ARM64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release|Win32.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release|x64.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.Release|x64.Build.0 = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.ReleaseCustomEFI|ARM64.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.ReleaseCustomEFI|ARM64.Build.0 = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.ReleaseCustomEFI|Win32.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.ReleaseCustomEFI|x64.ActiveCfg = Release|x64 + {ED4D0684-B0CF-4698-8487-3F3B314422E9}.ReleaseCustomEFI|x64.Build.0 = Release|x64 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE