Windows: Support EFI system encryption for 32-bit Windows.

2026-05-22 13:43:46 -05:00 · 2016-10-17 16:31:25 +02:00
parent 2ddc374164
commit 7f63d57f67
11 changed files with 80 additions and 31 deletions
@@ -2543,23 +2543,23 @@ namespace VeraCrypt
 				}
 			}
 			DWORD sizeDcsBoot;
-			byte *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot);
+			byte *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT : IDR_EFI_DCSBOOT32, &sizeDcsBoot);
 			if (!dcsBootImg)
 				throw ErrorException(L"Out of resource DcsBoot", SRC_POS);
 			DWORD sizeDcsInt;
-			byte *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt);
+			byte *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt);
 			if (!dcsIntImg)
 				throw ErrorException(L"Out of resource DcsInt", SRC_POS);
 			DWORD sizeDcsCfg;
-			byte *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg);
+			byte *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg);
 			if (!dcsCfgImg)
 				throw ErrorException(L"Out of resource DcsCfg", SRC_POS);
 			DWORD sizeLegacySpeaker;
-			byte *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
+			byte *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker);
 			if (!LegacySpeakerImg)
 				throw ErrorException(L"Out of resource LegacySpeaker", SRC_POS);
 			DWORD sizeBootMenuLocker;
-			byte *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
+			byte *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker);
 			if (!BootMenuLockerImg)
 				throw ErrorException(L"Out of resource DcsBml", SRC_POS);
@@ -2573,7 +2573,7 @@ namespace VeraCrypt
 				EfiBootInst.MkDir(L"\\EFI\\VeraCrypt", bAlreadyExist);
 				EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsBoot.efi", dcsBootImg, sizeDcsBoot);
-				EfiBootInst.SaveFile(L"\\EFI\\Boot\\bootx64.efi", dcsBootImg, sizeDcsBoot);
+				EfiBootInst.SaveFile(Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi", dcsBootImg, sizeDcsBoot);
 				EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsInt.dcs", dcsIntImg, sizeDcsInt);
 				EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\DcsCfg.dcs", dcsCfgImg, sizeDcsCfg);
 				EfiBootInst.SaveFile(L"\\EFI\\VeraCrypt\\LegacySpeaker.dcs", LegacySpeakerImg, sizeLegacySpeaker);
@@ -2587,7 +2587,10 @@ namespace VeraCrypt
 				// move the original bootloader backup from old location (if it exists) to new location
 				// we don't force the move operation if the new location already exists
 				if (Is64BitOs())
 					EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootx64_vc_backup.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup", FALSE);
 				else
 					EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootia32_vc_backup.efi", L"\\EFI\\Boot\\original_bootia32.vc_backup", FALSE);
 				// Clean beta9
 				EfiBootInst.DelFile(L"\\DcsBoot.efi");
@@ -2736,27 +2739,27 @@ namespace VeraCrypt
 		{
 			// create EFI disk structure
 			DWORD sizeDcsBoot;
-			byte *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot);
+			byte *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT: IDR_EFI_DCSBOOT32, &sizeDcsBoot);
 			if (!dcsBootImg)
 				throw ParameterIncorrect (SRC_POS);
 			DWORD sizeDcsInt;
-			byte *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt);
+			byte *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt);
 			if (!dcsIntImg)
 				throw ParameterIncorrect (SRC_POS);
 			DWORD sizeDcsCfg;
-			byte *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg);
+			byte *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg);
 			if (!dcsCfgImg)
 				throw ParameterIncorrect (SRC_POS);
 			DWORD sizeLegacySpeaker;
-			byte *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
+			byte *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker);
 			if (!LegacySpeakerImg)
 				throw ParameterIncorrect (SRC_POS);
 			DWORD sizeBootMenuLocker;
-			byte *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
+			byte *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker);
 			if (!BootMenuLockerImg)
 				throw ParameterIncorrect (SRC_POS);
 			DWORD sizeDcsRescue;
-			byte *DcsRescueImg = MapResource(L"BIN", IDR_EFI_DCSRE, &sizeDcsRescue);
+			byte *DcsRescueImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSRE: IDR_EFI_DCSRE32, &sizeDcsRescue);
 			if (!DcsRescueImg)
 				throw ParameterIncorrect (SRC_POS);
@@ -2775,7 +2778,7 @@ namespace VeraCrypt
 			finally_do_arg (zip_t**, &z, { if (*finally_arg) zip_discard (*finally_arg);});
-			if (!ZipAdd (z, "EFI/Boot/bootx64.efi", DcsRescueImg, sizeDcsRescue))
+			if (!ZipAdd (z, Is64BitOs()? "EFI/Boot/bootx64.efi": "EFI/Boot/bootia32.efi", DcsRescueImg, sizeDcsRescue))
 				throw ParameterIncorrect (SRC_POS);
 			if (!ZipAdd (z, "EFI/VeraCrypt/DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker))
 				throw ParameterIncorrect (SRC_POS);
@@ -2820,7 +2823,7 @@ namespace VeraCrypt
 				sysBakFile.GetFileSize(fileSize);
 				fileBuf.Resize ((DWORD) fileSize);
 				DWORD sizeLoader = sysBakFile.Read (fileBuf.Ptr (), fileSize);
-				bLoadAdded = ZipAdd (z, "EFI/Boot/original_bootx64.vc_backup", fileBuf.Ptr (), sizeLoader);				
+				bLoadAdded = ZipAdd (z, Is64BitOs()? "EFI/Boot/original_bootx64.vc_backup": "EFI/Boot/original_bootia32.vc_backup", fileBuf.Ptr (), sizeLoader);				
 			}
 			catch (Exception &e)
 			{
@@ -3035,7 +3038,7 @@ namespace VeraCrypt
 		if (bIsGPT)
 		{
-			const wchar_t* efiFiles[] = {
+			const wchar_t* efi64Files[] = {
 				L"EFI/Boot/bootx64.efi",
 				L"EFI/VeraCrypt/DcsBml.dcs",
 				L"EFI/VeraCrypt/DcsBoot.efi",
@@ -3046,6 +3049,17 @@ namespace VeraCrypt
 				L"EFI/Boot/original_bootx64.vc_backup"
 			};
 			const wchar_t* efi32Files[] = {
 				L"EFI/Boot/bootia32.efi",
 				L"EFI/VeraCrypt/DcsBml.dcs",
 				L"EFI/VeraCrypt/DcsBoot.efi",
 				L"EFI/VeraCrypt/DcsCfg.dcs",
 				L"EFI/VeraCrypt/DcsInt.dcs",
 				L"EFI/VeraCrypt/LegacySpeaker.dcs",
 				L"EFI/VeraCrypt/svh_bak",
 				L"EFI/Boot/original_bootia32.vc_backup"
 			};
 			zip_error_t zerr;
 			zip_source_t* zsrc = zip_source_buffer_create (RescueZipData, RescueZipSize, 0, &zerr);
 			if (!zsrc)
@@ -3073,7 +3087,9 @@ namespace VeraCrypt
 								&& !wcsncmp (szNameBuffer, L"FAT", 3))
 						{
 							int i;		
-							for (i = 0; i < ARRAYSIZE(efiFiles); i++)
+							const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files;
 							int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files);
 							for (i = 0; i < efiFilesSize; i++)
 							{
 								bool bMatch = false;
 								zip_int64_t index = zip_name_locate (z, WideToUtf8String (efiFiles[i]).c_str(), ZIP_FL_NOCASE);
@@ -3125,7 +3141,7 @@ namespace VeraCrypt
 									break;
 							}
-							if (i == ARRAYSIZE(efiFiles))
+							if (i == efiFilesSize)
 							{
 								// All entries processed
 								return true;
@@ -3213,7 +3229,7 @@ namespace VeraCrypt
 					finally_do_arg (zip_t*, zMem, { zip_close (finally_arg); });
-					const wchar_t* efiFiles[] = {
+					const wchar_t* efi64Files[] = {
 						L"EFI/Boot/bootx64.efi",
 						L"EFI/VeraCrypt/DcsBml.dcs",
 						L"EFI/VeraCrypt/DcsBoot.efi",
@@ -3224,10 +3240,23 @@ namespace VeraCrypt
 						L"EFI/Boot/original_bootx64.vc_backup"
 					};
 					const wchar_t* efi32Files[] = {
 						L"EFI/Boot/bootia32.efi",
 						L"EFI/VeraCrypt/DcsBml.dcs",
 						L"EFI/VeraCrypt/DcsBoot.efi",
 						L"EFI/VeraCrypt/DcsCfg.dcs",
 						L"EFI/VeraCrypt/DcsInt.dcs",
 						L"EFI/VeraCrypt/LegacySpeaker.dcs",
 						L"EFI/VeraCrypt/svh_bak",
 						L"EFI/Boot/original_bootia32.vc_backup"
 					};
 					int i;
 					zip_stat_t statMem, statFile;
 					zip_int64_t indexMem, indexFile;
-					for (i = 0; i < ARRAYSIZE(efiFiles); i++)
+					const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files;
 					int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files);
 					for (i = 0; i < efiFilesSize; i++)
 					{
 						bool bMatch = false;
 						indexMem = zip_name_locate (zMem, WideToUtf8String (efiFiles[i]).c_str(), ZIP_FL_NOCASE);
@@ -3277,7 +3306,7 @@ namespace VeraCrypt
 							break;
 					}
-					if (i == ARRAYSIZE(efiFiles))
+					if (i == efiFilesSize)
 					{
 						// All entries processed
 						return true;
@@ -3407,11 +3436,11 @@ namespace VeraCrypt
 			EfiBootInst.MountBootPartition(0);			
-			EfiBootInst.GetFileSize(L"\\EFI\\Boot\\bootx64.efi", loaderSize);
+			EfiBootInst.GetFileSize(Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi" : L"\\EFI\\Boot\\bootia32.efi", loaderSize);
 			std::vector<byte> bootLoaderBuf ((size_t) loaderSize);
-			EfiBootInst.ReadFile(L"\\EFI\\Boot\\bootx64.efi", &bootLoaderBuf[0], (DWORD) loaderSize);
+			EfiBootInst.ReadFile(Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi", &bootLoaderBuf[0], (DWORD) loaderSize);
 			// Prevent VeraCrypt EFI loader from being backed up
 			for (size_t i = 0; i < (size_t) loaderSize - (wcslen (VC_EFI_BOOTLOADER_NAME) * 2); ++i)
@@ -3424,10 +3453,18 @@ namespace VeraCrypt
 				}
 			}
 			if (Is64BitOs())
 			{
 				EfiBootInst.CopyFile(L"\\EFI\\Boot\\bootx64.efi", GetSystemLoaderBackupPath().c_str());
 				EfiBootInst.CopyFile(L"\\EFI\\Boot\\bootx64.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup");
 			}
 			else
 			{
 				EfiBootInst.CopyFile(L"\\EFI\\Boot\\bootia32.efi", GetSystemLoaderBackupPath().c_str());
 				EfiBootInst.CopyFile(L"\\EFI\\Boot\\bootia32.efi", L"\\EFI\\Boot\\original_bootia32.vc_backup");
 			}
 		}
 		else
 		{
 			Device device (GetSystemDriveConfiguration().DevicePath, true);
 			device.CheckOpened (SRC_POS);
@@ -3474,7 +3511,10 @@ namespace VeraCrypt
 			EfiBootInst.MountBootPartition(0);			
 			EfiBootInst.DeleteStartExec();
 			if (Is64BitOs())
 				EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE);
 			else
 				EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootia32.vc_backup", L"\\EFI\\Boot\\bootia32.efi", TRUE);
 			EfiBootInst.DelFile(L"\\DcsBoot.efi");
 			EfiBootInst.DelFile(L"\\DcsInt.efi");
@@ -3953,9 +3993,6 @@ namespace VeraCrypt
 		SystemDriveConfiguration config = GetSystemDriveConfiguration ();
 		if (config.SystemPartition.IsGPT && !Is64BitOs())
 			throw ErrorException ("GPT_BOOT_DRIVE_UNSUPPORTED", SRC_POS);
 		if (SystemDriveIsDynamic())
 			throw ErrorException ("SYSENC_UNSUPPORTED_FOR_DYNAMIC_DISK", SRC_POS);
@@ -538,6 +538,12 @@ IDR_EFI_DCSCFG          BIN                     "..\\Boot\\EFI\\DcsCfg.efi"
 IDR_EFI_LEGACYSPEAKER   BIN                     "..\\Boot\\EFI\\LegacySpeaker.efi"
 IDR_EFI_DCSBML         BIN                     "..\\Boot\\EFI\\DcsBml.efi"
 IDR_EFI_DCSRE          BIN                     "..\\Boot\\EFI\\DcsRe.efi"
 IDR_EFI_DCSBOOT32         BIN                     "..\\Boot\\EFI\\DcsBoot32.efi"
 IDR_EFI_DCSINT32          BIN                     "..\\Boot\\EFI\\DcsInt32.efi"
 IDR_EFI_DCSCFG32          BIN                     "..\\Boot\\EFI\\DcsCfg32.efi"
 IDR_EFI_LEGACYSPEAKER32   BIN                     "..\\Boot\\EFI\\LegacySpeaker32.efi"
 IDR_EFI_DCSBML32         BIN                     "..\\Boot\\EFI\\DcsBml32.efi"
 IDR_EFI_DCSRE32          BIN                     "..\\Boot\\EFI\\DcsRe32.efi"
 /////////////////////////////////////////////////////////////////////////////
 //
@@ -73,6 +73,12 @@
 #define IDR_EFI_LEGACYSPEAKER           569
 #define IDR_EFI_DCSBML           		570
 #define IDR_EFI_DCSRE           		571
 #define IDR_EFI_DCSBOOT32               572
 #define IDR_EFI_DCSINT32                573
 #define IDR_EFI_DCSCFG32                574
 #define IDR_EFI_LEGACYSPEAKER32         575
 #define IDR_EFI_DCSBML32           		576
 #define IDR_EFI_DCSRE32           		577
 #define IDC_HW_AES_LABEL_LINK           5000
 #define IDC_HW_AES                      5001
 #define IDC_PARALLELIZATION_LABEL_LINK  5002
@@ -220,7 +226,7 @@
 #ifdef APSTUDIO_INVOKED
 #ifndef APSTUDIO_READONLY_SYMBOLS
 #define _APS_NO_MFC                     1
-#define _APS_NEXT_RESOURCE_VALUE        572
+#define _APS_NEXT_RESOURCE_VALUE        578
 #define _APS_NEXT_COMMAND_VALUE         40001
 #define _APS_NEXT_CONTROL_VALUE         5141
 #define _APS_NEXT_SYMED_VALUE           101