Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Windows: remove 32-bit logic from the code since we support only 64-bit. remove 32-bit EFI bootloader files.

Browse Source 
We also fix intermediary files folder for Portable and Setup projects
This commit is contained in:
Mounir IDRASSI
2024-11-16 01:05:15 +01:00
parent 489d3e3873
commit c86577fc0e
41 changed files with 131 additions and 525 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
src/Boot/EFI/DcsBoot32.efi
View File

Binary file not shown.

BIN
src/Boot/EFI/DcsCfg32.efi
View File

Binary file not shown.

BIN
src/Boot/EFI/DcsInfo32.efi
View File

Binary file not shown.

BIN
src/Boot/EFI/DcsInt32.efi
View File

Binary file not shown.

BIN
src/Boot/EFI/DcsRe32.efi
View File

Binary file not shown.

BIN
src/Boot/EFI/LegacySpeaker32.efi
View File

Binary file not shown.

104
src/Common/BootEncryption.cpp
View File

@@ -3332,53 +3332,29 @@ namespace VeraCrypt
} }
} }
DWORD sizeDcsBoot; DWORD sizeDcsBoot;
#ifdef _WIN64
uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot); uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot);
#else
uint8 *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT : IDR_EFI_DCSBOOT32, &sizeDcsBoot);
#endif
if (!dcsBootImg) if (!dcsBootImg)
throw ErrorException(L"Out of resource DcsBoot", SRC_POS); throw ErrorException(L"Out of resource DcsBoot", SRC_POS);
DWORD sizeDcsInt; DWORD sizeDcsInt;
#ifdef _WIN64
uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt); uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt);
#else
uint8 *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt);
#endif
if (!dcsIntImg) if (!dcsIntImg)
throw ErrorException(L"Out of resource DcsInt", SRC_POS); throw ErrorException(L"Out of resource DcsInt", SRC_POS);
DWORD sizeDcsCfg; DWORD sizeDcsCfg;
#ifdef _WIN64
uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg); uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg);
#else
uint8 *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg);
#endif
if (!dcsCfgImg) if (!dcsCfgImg)
throw ErrorException(L"Out of resource DcsCfg", SRC_POS); throw ErrorException(L"Out of resource DcsCfg", SRC_POS);
DWORD sizeLegacySpeaker; DWORD sizeLegacySpeaker;
#ifdef _WIN64
uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker); uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
#else
uint8 *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker);
#endif
if (!LegacySpeakerImg) if (!LegacySpeakerImg)
throw ErrorException(L"Out of resource LegacySpeaker", SRC_POS); throw ErrorException(L"Out of resource LegacySpeaker", SRC_POS);
#ifdef VC_EFI_CUSTOM_MODE #ifdef VC_EFI_CUSTOM_MODE
DWORD sizeBootMenuLocker; DWORD sizeBootMenuLocker;
#ifdef _WIN64
uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker); uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
#else
uint8 *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker);
#endif
if (!BootMenuLockerImg) if (!BootMenuLockerImg)
throw ErrorException(L"Out of resource DcsBml", SRC_POS); throw ErrorException(L"Out of resource DcsBml", SRC_POS);
#endif #endif
DWORD sizeDcsInfo; DWORD sizeDcsInfo;
#ifdef _WIN64
uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo); uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo);
#else
uint8 *DcsInfoImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINFO: IDR_EFI_DCSINFO32, &sizeDcsInfo);
#endif
if (!DcsInfoImg) if (!DcsInfoImg)
throw ErrorException(L"Out of resource DcsInfo", SRC_POS); throw ErrorException(L"Out of resource DcsInfo", SRC_POS);
@@ -3390,8 +3366,8 @@ namespace VeraCrypt
bool bAlreadyExist; bool bAlreadyExist;
const char* g_szMsBootString = "bootmgfw.pdb"; const char* g_szMsBootString = "bootmgfw.pdb";
unsigned __int64 loaderSize = 0; unsigned __int64 loaderSize = 0;
const wchar_t * szStdEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\bootx64.efi": L"\\EFI\\Boot\\bootia32.efi"; const wchar_t * szStdEfiBootloader = L"\\EFI\\Boot\\bootx64.efi";
const wchar_t * szBackupEfiBootloader = Is64BitOs()? L"\\EFI\\Boot\\original_bootx64.vc_backup": L"\\EFI\\Boot\\original_bootia32.vc_backup"; const wchar_t * szBackupEfiBootloader = L"\\EFI\\Boot\\original_bootx64.vc_backup";
if (preserveUserConfig) if (preserveUserConfig)
{ {
@@ -3547,10 +3523,7 @@ namespace VeraCrypt
// move the original bootloader backup from old location (if it exists) to new location // move the original bootloader backup from old location (if it exists) to new location
// we don't force the move operation if the new location already exists // we don't force the move operation if the new location already exists
if (Is64BitOs()) EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootx64_vc_backup.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup", FALSE);
EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootx64_vc_backup.efi", L"\\EFI\\Boot\\original_bootx64.vc_backup", FALSE);
else
EfiBootInst.RenameFile (L"\\EFI\\Boot\\original_bootia32_vc_backup.efi", L"\\EFI\\Boot\\original_bootia32.vc_backup", FALSE);
// Clean beta9 // Clean beta9
EfiBootInst.DelFile(L"\\DcsBoot.efi"); EfiBootInst.DelFile(L"\\DcsBoot.efi");
@@ -3729,61 +3702,33 @@ namespace VeraCrypt
{ {
// create EFI disk structure // create EFI disk structure
DWORD sizeDcsBoot; DWORD sizeDcsBoot;
#ifdef _WIN64
uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot); uint8 *dcsBootImg = MapResource(L"BIN", IDR_EFI_DCSBOOT, &sizeDcsBoot);
#else
uint8 *dcsBootImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBOOT : IDR_EFI_DCSBOOT32, &sizeDcsBoot);
#endif
if (!dcsBootImg) if (!dcsBootImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsInt; DWORD sizeDcsInt;
#ifdef _WIN64
uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt); uint8 *dcsIntImg = MapResource(L"BIN", IDR_EFI_DCSINT, &sizeDcsInt);
#else
uint8 *dcsIntImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINT: IDR_EFI_DCSINT32, &sizeDcsInt);
#endif
if (!dcsIntImg) if (!dcsIntImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsCfg; DWORD sizeDcsCfg;
#ifdef _WIN64
uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg); uint8 *dcsCfgImg = MapResource(L"BIN", IDR_EFI_DCSCFG, &sizeDcsCfg);
#else
uint8 *dcsCfgImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSCFG: IDR_EFI_DCSCFG32, &sizeDcsCfg);
#endif
if (!dcsCfgImg) if (!dcsCfgImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
DWORD sizeLegacySpeaker; DWORD sizeLegacySpeaker;
#ifdef _WIN64
uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker); uint8 *LegacySpeakerImg = MapResource(L"BIN", IDR_EFI_LEGACYSPEAKER, &sizeLegacySpeaker);
#else
uint8 *LegacySpeakerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_LEGACYSPEAKER: IDR_EFI_LEGACYSPEAKER32, &sizeLegacySpeaker);
#endif
if (!LegacySpeakerImg) if (!LegacySpeakerImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
#ifdef VC_EFI_CUSTOM_MODE #ifdef VC_EFI_CUSTOM_MODE
DWORD sizeBootMenuLocker; DWORD sizeBootMenuLocker;
#ifdef _WIN64
uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker); uint8 *BootMenuLockerImg = MapResource(L"BIN", IDR_EFI_DCSBML, &sizeBootMenuLocker);
#else
uint8 *BootMenuLockerImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSBML: IDR_EFI_DCSBML32, &sizeBootMenuLocker);
#endif
if (!BootMenuLockerImg) if (!BootMenuLockerImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
#endif #endif
DWORD sizeDcsRescue; DWORD sizeDcsRescue;
#ifdef _WIN64
uint8 *DcsRescueImg = MapResource(L"BIN", IDR_EFI_DCSRE, &sizeDcsRescue); uint8 *DcsRescueImg = MapResource(L"BIN", IDR_EFI_DCSRE, &sizeDcsRescue);
#else
uint8 *DcsRescueImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSRE: IDR_EFI_DCSRE32, &sizeDcsRescue);
#endif
if (!DcsRescueImg) if (!DcsRescueImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
DWORD sizeDcsInfo; DWORD sizeDcsInfo;
#ifdef _WIN64
uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo); uint8 *DcsInfoImg = MapResource(L"BIN", IDR_EFI_DCSINFO, &sizeDcsInfo);
#else
uint8 *DcsInfoImg = MapResource(L"BIN", Is64BitOs()? IDR_EFI_DCSINFO: IDR_EFI_DCSINFO32, &sizeDcsInfo);
#endif
if (!DcsInfoImg) if (!DcsInfoImg)
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
@@ -3809,7 +3754,7 @@ namespace VeraCrypt
finally_do_arg (zip_t**, &z, { if (*finally_arg) zip_discard (*finally_arg);}); finally_do_arg (zip_t**, &z, { if (*finally_arg) zip_discard (*finally_arg);});
if (!ZipAdd (z, Is64BitOs()? "EFI/Boot/bootx64.efi": "EFI/Boot/bootia32.efi", DcsRescueImg, sizeDcsRescue)) if (!ZipAdd (z, "EFI/Boot/bootx64.efi", DcsRescueImg, sizeDcsRescue))
throw ParameterIncorrect (SRC_POS); throw ParameterIncorrect (SRC_POS);
#ifdef VC_EFI_CUSTOM_MODE #ifdef VC_EFI_CUSTOM_MODE
if (!ZipAdd (z, "EFI/VeraCrypt/DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker)) if (!ZipAdd (z, "EFI/VeraCrypt/DcsBml.dcs", BootMenuLockerImg, sizeBootMenuLocker))
@@ -3858,7 +3803,7 @@ namespace VeraCrypt
sysBakFile.GetFileSize(fileSize); sysBakFile.GetFileSize(fileSize);
fileBuf.Resize ((DWORD) fileSize); fileBuf.Resize ((DWORD) fileSize);
DWORD sizeLoader = sysBakFile.Read (fileBuf.Ptr (), fileSize); DWORD sizeLoader = sysBakFile.Read (fileBuf.Ptr (), fileSize);
bLoadAdded = ZipAdd (z, Is64BitOs()? "EFI/Boot/original_bootx64.vc_backup": "EFI/Boot/original_bootia32.vc_backup", fileBuf.Ptr (), sizeLoader); bLoadAdded = ZipAdd (z, "EFI/Boot/original_bootx64.vc_backup", fileBuf.Ptr (), sizeLoader);
} }
catch (Exception &e) catch (Exception &e)
{ {
@@ -4085,19 +4030,6 @@ namespace VeraCrypt
L"EFI/VeraCrypt/svh_bak", L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootx64.vc_backup" L"EFI/Boot/original_bootx64.vc_backup"
}; };
const wchar_t* efi32Files[] = {
L"EFI/Boot/bootia32.efi",
#ifdef VC_EFI_CUSTOM_MODE
L"EFI/VeraCrypt/DcsBml.dcs",
#endif
L"EFI/VeraCrypt/DcsBoot.efi",
L"EFI/VeraCrypt/DcsCfg.dcs",
L"EFI/VeraCrypt/DcsInt.dcs",
L"EFI/VeraCrypt/LegacySpeaker.dcs",
L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootia32.vc_backup"
};
zip_error_t zerr; zip_error_t zerr;
zip_source_t* zsrc = zip_source_buffer_create (RescueZipData, RescueZipSize, 0, &zerr); zip_source_t* zsrc = zip_source_buffer_create (RescueZipData, RescueZipSize, 0, &zerr);
@@ -4126,8 +4058,8 @@ namespace VeraCrypt
&& !wcsncmp (szNameBuffer, L"FAT", 3)) && !wcsncmp (szNameBuffer, L"FAT", 3))
{ {
int i; int i;
const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files; const wchar_t** efiFiles = efi64Files;
int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files); int efiFilesSize = ARRAYSIZE(efi64Files);
for (i = 0; i < efiFilesSize; i++) for (i = 0; i < efiFilesSize; i++)
{ {
bool bMatch = false; bool bMatch = false;
@@ -4280,25 +4212,12 @@ namespace VeraCrypt
L"EFI/VeraCrypt/svh_bak", L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootx64.vc_backup" L"EFI/Boot/original_bootx64.vc_backup"
}; };
const wchar_t* efi32Files[] = {
L"EFI/Boot/bootia32.efi",
#ifdef VC_EFI_CUSTOM_MODE
L"EFI/VeraCrypt/DcsBml.dcs",
#endif
L"EFI/VeraCrypt/DcsBoot.efi",
L"EFI/VeraCrypt/DcsCfg.dcs",
L"EFI/VeraCrypt/DcsInt.dcs",
L"EFI/VeraCrypt/LegacySpeaker.dcs",
L"EFI/VeraCrypt/svh_bak",
L"EFI/Boot/original_bootia32.vc_backup"
};
int i; int i;
zip_stat_t statMem, statFile; zip_stat_t statMem, statFile;
zip_int64_t indexMem, indexFile; zip_int64_t indexMem, indexFile;
const wchar_t** efiFiles = Is64BitOs()? efi64Files: efi32Files; const wchar_t** efiFiles = efi64Files;
int efiFilesSize = Is64BitOs()? ARRAYSIZE(efi64Files): ARRAYSIZE(efi32Files); int efiFilesSize = ARRAYSIZE(efi64Files);
for (i = 0; i < efiFilesSize; i++) for (i = 0; i < efiFilesSize; i++)
{ {
bool bMatch = false; bool bMatch = false;
@@ -4573,10 +4492,7 @@ namespace VeraCrypt
EfiBootInst.DeleteStartExec(); EfiBootInst.DeleteStartExec();
EfiBootInst.DeleteStartExec(0xDC5B, L"Driver"); // remove DcsBml boot driver it was installed EfiBootInst.DeleteStartExec(0xDC5B, L"Driver"); // remove DcsBml boot driver it was installed
if (Is64BitOs()) EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE);
EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootx64.vc_backup", L"\\EFI\\Boot\\bootx64.efi", TRUE);
else
EfiBootInst.RenameFile(L"\\EFI\\Boot\\original_bootia32.vc_backup", L"\\EFI\\Boot\\bootia32.efi", TRUE);
if (!EfiBootInst.RenameFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE)) if (!EfiBootInst.RenameFile(L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc", L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", TRUE))
{ {

32
src/Common/Cache.c
View File

@@ -24,8 +24,6 @@ int CachedPim[CACHE_SIZE];
int cacheEmpty = 1; int cacheEmpty = 1;
static int nPasswordIdx = 0; static int nPasswordIdx = 0;
#ifdef _WIN64
uint64 VcGetPasswordEncryptionID (Password* pPassword) uint64 VcGetPasswordEncryptionID (Password* pPassword)
{ {
return ((uint64) pPassword->Text) + ((uint64) pPassword); return ((uint64) pPassword->Text) + ((uint64) pPassword);
@@ -41,8 +39,6 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID)
VcProtectPassword (pPassword, encID); VcProtectPassword (pPassword, encID);
} }
#endif
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo) int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo)
{ {
int nReturnCode = ERR_PASSWORD_WRONG; int nReturnCode = ERR_PASSWORD_WRONG;
@@ -56,37 +52,29 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch
/* Save mount passwords back into cache if asked to do so */ /* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)) if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
{ {
#ifdef _WIN64
Password tmpPass; Password tmpPass;
#endif
for (i = 0; i < CACHE_SIZE; i++) for (i = 0; i < CACHE_SIZE; i++)
{ {
Password* pCurrentPassword = &CachedPasswords[i]; Password* pCurrentPassword = &CachedPasswords[i];
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); memcpy (&tmpPass, pCurrentPassword, sizeof (Password));
VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword));
pCurrentPassword = &tmpPass; pCurrentPassword = &tmpPass;
} }
#endif
if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0) if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0)
break; break;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
burn (&tmpPass, sizeof (Password)); burn (&tmpPass, sizeof (Password));
#endif
if (i == CACHE_SIZE) if (i == CACHE_SIZE)
{ {
/* Store the password */ /* Store the password */
CachedPasswords[nPasswordIdx] = *password; CachedPasswords[nPasswordIdx] = *password;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx])); VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx]));
#endif
/* Store also PIM if requested, otherwise set to default */ /* Store also PIM if requested, otherwise set to default */
if (bCachePim && (pim > 0)) if (bCachePim && (pim > 0))
@@ -107,21 +95,18 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch
} }
else if (!cacheEmpty) else if (!cacheEmpty)
{ {
#ifdef _WIN64
Password tmpPass; Password tmpPass;
#endif
/* Attempt to recognize volume using cached passwords */ /* Attempt to recognize volume using cached passwords */
for (i = 0; i < CACHE_SIZE; i++) for (i = 0; i < CACHE_SIZE; i++)
{ {
Password* pCurrentPassword = &CachedPasswords[i]; Password* pCurrentPassword = &CachedPasswords[i];
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); memcpy (&tmpPass, pCurrentPassword, sizeof (Password));
VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword));
pCurrentPassword = &tmpPass; pCurrentPassword = &tmpPass;
} }
#endif
if ((pCurrentPassword->Length > 0) && (pCurrentPassword->Length <= (unsigned int) ((bBoot? MAX_LEGACY_PASSWORD: MAX_PASSWORD)))) if ((pCurrentPassword->Length > 0) && (pCurrentPassword->Length <= (unsigned int) ((bBoot? MAX_LEGACY_PASSWORD: MAX_PASSWORD))))
{ {
if (pim == -1) if (pim == -1)
@@ -134,10 +119,10 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch
break; break;
} }
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
burn (&tmpPass, sizeof (Password)); burn (&tmpPass, sizeof (Password));
#endif
} }
return nReturnCode; return nReturnCode;
@@ -146,21 +131,18 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, unsigned ch
void AddPasswordToCache (Password *password, int pim, BOOL bCachePim) void AddPasswordToCache (Password *password, int pim, BOOL bCachePim)
{ {
#ifdef _WIN64
Password tmpPass; Password tmpPass;
#endif
int i; int i;
for (i = 0; i < CACHE_SIZE; i++) for (i = 0; i < CACHE_SIZE; i++)
{ {
Password* pCurrentPassword = &CachedPasswords[i]; Password* pCurrentPassword = &CachedPasswords[i];
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
memcpy (&tmpPass, pCurrentPassword, sizeof (Password)); memcpy (&tmpPass, pCurrentPassword, sizeof (Password));
VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword)); VcUnprotectPassword (&tmpPass, VcGetPasswordEncryptionID (pCurrentPassword));
pCurrentPassword = &tmpPass; pCurrentPassword = &tmpPass;
} }
#endif
if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0) if (memcmp (pCurrentPassword, password, sizeof (Password)) == 0)
break; break;
} }
@@ -168,10 +150,9 @@ void AddPasswordToCache (Password *password, int pim, BOOL bCachePim)
if (i == CACHE_SIZE) if (i == CACHE_SIZE)
{ {
CachedPasswords[nPasswordIdx] = *password; CachedPasswords[nPasswordIdx] = *password;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx])); VcProtectPassword (&CachedPasswords[nPasswordIdx], VcGetPasswordEncryptionID (&CachedPasswords[nPasswordIdx]));
#endif
/* Store also PIM if requested, otherwise set to default */ /* Store also PIM if requested, otherwise set to default */
if (bCachePim && (pim > 0)) if (bCachePim && (pim > 0))
CachedPim[nPasswordIdx] = pim; CachedPim[nPasswordIdx] = pim;
@@ -184,10 +165,9 @@ void AddPasswordToCache (Password *password, int pim, BOOL bCachePim)
{ {
CachedPim[i] = pim > 0? pim : 0; CachedPim[i] = pim > 0? pim : 0;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
burn (&tmpPass, sizeof (Password)); burn (&tmpPass, sizeof (Password));
#endif
} }
void AddLegacyPasswordToCache (PasswordLegacy *password, int pim) void AddLegacyPasswordToCache (PasswordLegacy *password, int pim)

7
src/Common/Cmdline.c
View File

@@ -51,12 +51,7 @@ BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
*tmp = 0; *tmp = 0;
StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX)); StringCchCopyW (tmp, 8192, L"VeraCrypt " _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX) L" (64-bit)");
#ifdef _WIN64
StringCchCatW (tmp, 8192, L" (64-bit)");
#else
StringCchCatW (tmp, 8192, L" (32-bit)");
#endif
#if (defined(_DEBUG) || defined(DEBUG)) #if (defined(_DEBUG) || defined(DEBUG))
StringCchCatW (tmp, 8192, L" (debug)"); StringCchCatW (tmp, 8192, L" (debug)");
#endif #endif

11
src/Common/Common.rc
View File

@@ -565,17 +565,6 @@ IDR_EFI_DCSBML BIN "..\\Boot\\EFI\\DcsBml.efi"
#endif #endif
IDR_EFI_DCSRE BIN "..\\Boot\\EFI\\DcsRe.efi" IDR_EFI_DCSRE BIN "..\\Boot\\EFI\\DcsRe.efi"
IDR_EFI_DCSINFO BIN "..\\Boot\\EFI\\DcsInfo.efi" IDR_EFI_DCSINFO BIN "..\\Boot\\EFI\\DcsInfo.efi"
#ifndef WIN64
IDR_EFI_DCSBOOT32 BIN "..\\Boot\\EFI\\DcsBoot32.efi"
IDR_EFI_DCSINT32 BIN "..\\Boot\\EFI\\DcsInt32.efi"
IDR_EFI_DCSCFG32 BIN "..\\Boot\\EFI\\DcsCfg32.efi"
IDR_EFI_LEGACYSPEAKER32 BIN "..\\Boot\\EFI\\LegacySpeaker32.efi"
#ifdef VC_EFI_CUSTOM_MODE
IDR_EFI_DCSBML32 BIN "..\\Boot\\EFI\\DcsBml32.efi"
#endif
IDR_EFI_DCSRE32 BIN "..\\Boot\\EFI\\DcsRe32.efi"
IDR_EFI_DCSINFO32 BIN "..\\Boot\\EFI\\DcsInfo32.efi"
#endif
#endif #endif
///////////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////////////
// //

51
src/Common/Crypto.c
View File

@@ -193,8 +193,7 @@ void EncipherBlock(int cipher, void *data, void *ks)
switch (cipher) switch (cipher)
{ {
case AES: case AES:
// In 32-bit kernel mode, due to KeSaveFloatingPointState() overhead, AES instructions can be used only when processing the whole data unit. #if !defined (TC_WINDOWS_BOOT)
#if (defined (_WIN64) || !defined (TC_WINDOWS_DRIVER)) && !defined (TC_WINDOWS_BOOT)
if (IsAesHwCpuSupported()) if (IsAesHwCpuSupported())
aes_hw_cpu_encrypt (ks, data); aes_hw_cpu_encrypt (ks, data);
else else
@@ -221,16 +220,10 @@ void EncipherBlock(int cipher, void *data, void *ks)
void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
{ {
uint8 *data = dataPtr; uint8 *data = dataPtr;
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
#endif
if (cipher == AES if (cipher == AES
&& (blockCount & (32 - 1)) == 0 && (blockCount & (32 - 1)) == 0
&& IsAesHwCpuSupported() && IsAesHwCpuSupported()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
while (blockCount > 0) while (blockCount > 0)
@@ -241,24 +234,15 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
blockCount -= 32; blockCount -= 32;
} }
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#ifndef WOLFCRYPT_BACKEND #ifndef WOLFCRYPT_BACKEND
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == SERPENT else if (cipher == SERPENT
&& (blockCount >= 4) && (blockCount >= 4)
&& HasSSE2() && HasSSE2()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
serpent_encrypt_blocks (data, data, blockCount, ks); serpent_encrypt_blocks (data, data, blockCount, ks);
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#endif #endif
#if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM) #if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM)
@@ -272,15 +256,9 @@ void EncipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == KUZNYECHIK else if (cipher == KUZNYECHIK
&& HasSSE2() && HasSSE2()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& (blockCount >= 4) && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
kuznyechik_encrypt_blocks (data, data, blockCount, ks); kuznyechik_encrypt_blocks (data, data, blockCount, ks);
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#endif #endif
#endif #endif
@@ -316,11 +294,9 @@ void DecipherBlock(int cipher, void *data, void *ks)
#ifndef TC_WINDOWS_BOOT #ifndef TC_WINDOWS_BOOT
case AES: case AES:
#if defined (_WIN64) || !defined (TC_WINDOWS_DRIVER)
if (IsAesHwCpuSupported()) if (IsAesHwCpuSupported())
aes_hw_cpu_decrypt ((uint8 *) ks + sizeof (aes_encrypt_ctx), data); aes_hw_cpu_decrypt ((uint8 *) ks + sizeof (aes_encrypt_ctx), data);
else else
#endif
aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx))); aes_decrypt (data, data, (void *) ((char *) ks + sizeof(aes_encrypt_ctx)));
break; break;
@@ -336,16 +312,10 @@ void DecipherBlock(int cipher, void *data, void *ks)
void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount) void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
{ {
uint8 *data = dataPtr; uint8 *data = dataPtr;
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
#endif
if (cipher == AES if (cipher == AES
&& (blockCount & (32 - 1)) == 0 && (blockCount & (32 - 1)) == 0
&& IsAesHwCpuSupported() && IsAesHwCpuSupported()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
while (blockCount > 0) while (blockCount > 0)
@@ -356,24 +326,15 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
blockCount -= 32; blockCount -= 32;
} }
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#ifndef WOLFCRYPT_BACKEND #ifndef WOLFCRYPT_BACKEND
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == SERPENT else if (cipher == SERPENT
&& (blockCount >= 4) && (blockCount >= 4)
&& HasSSE2() && HasSSE2()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
serpent_decrypt_blocks (data, data, blockCount, ks); serpent_decrypt_blocks (data, data, blockCount, ks);
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#endif #endif
#if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM) #if CRYPTOPP_BOOL_X64 && !defined(CRYPTOPP_DISABLE_ASM)
@@ -387,15 +348,9 @@ void DecipherBlocks (int cipher, void *dataPtr, void *ks, size_t blockCount)
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined (_UEFI)
else if (cipher == KUZNYECHIK else if (cipher == KUZNYECHIK
&& HasSSE2() && HasSSE2()
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
&& (blockCount >= 4) && NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState))
#endif
) )
{ {
kuznyechik_decrypt_blocks (data, data, blockCount, ks); kuznyechik_decrypt_blocks (data, data, blockCount, ks);
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#endif #endif
#endif #endif
@@ -1260,14 +1215,10 @@ BOOL IsCpuRngEnabled ()
BOOL IsRamEncryptionSupported () BOOL IsRamEncryptionSupported ()
{ {
#ifdef _WIN64
if (t1ha_selfcheck__t1ha2() == 0) if (t1ha_selfcheck__t1ha2() == 0)
return TRUE; return TRUE;
else else
return FALSE; return FALSE;
#else
return FALSE;
#endif
} }
void EnableRamEncryption (BOOL enable) void EnableRamEncryption (BOOL enable)

4
src/Common/Crypto.h
View File

@@ -208,9 +208,7 @@ typedef struct
# include "Camellia.h" # include "Camellia.h"
#if !defined (_UEFI) #if !defined (_UEFI)
# include "chachaRng.h" # include "chachaRng.h"
# ifdef _WIN64
# include "t1ha.h" # include "t1ha.h"
# endif
#endif #endif
#else #else
# include "CamelliaSmall.h" # include "CamelliaSmall.h"
@@ -386,7 +384,7 @@ void DecryptDataUnitsCurrentThread (unsigned __int8 *buf, const UINT64_STRUCT *s
void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); void EncryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo); void DecryptBuffer (unsigned __int8 *buf, TC_LARGEST_COMPILER_UINT len, PCRYPTO_INFO cryptoInfo);
#if defined(_WIN64) && !defined (_UEFI) #if !defined (TC_WINDOWS_BOOT) && !defined (_UEFI)
BOOL InitializeSecurityParameters(GetRandSeedFn rngCallback); BOOL InitializeSecurityParameters(GetRandSeedFn rngCallback);
void ClearSecurityParameters(); void ClearSecurityParameters();
#ifdef TC_WINDOWS_DRIVER #ifdef TC_WINDOWS_DRIVER

56
src/Common/Dlgcode.c
View File

@@ -2126,12 +2126,8 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam
// Version // Version
SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0); SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0);
StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX)); StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX) L" (64-bit)");
#ifdef _WIN64
StringCbCatW (szTmp, sizeof(szTmp), L" (64-bit)");
#else
StringCbCatW (szTmp, sizeof(szTmp), L" (32-bit)");
#endif
#if (defined(_DEBUG) || defined(DEBUG)) #if (defined(_DEBUG) || defined(DEBUG))
StringCbCatW (szTmp, sizeof(szTmp), L" (debug)"); StringCbCatW (szTmp, sizeof(szTmp), L" (debug)");
#endif #endif
@@ -3602,6 +3598,12 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run."); AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run.");
} }
if (!Is64BitOs())
{
// abort using a message that says that VeraCrypt can run only on 64-bit Windows
AbortProcessDirect(L"VeraCrypt requires a 64-bit version of Windows to run.");
}
SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories");
if (!SetDefaultDllDirectoriesFn) if (!SetDefaultDllDirectoriesFn)
{ {
@@ -3787,14 +3789,14 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine)
InitHelpFileName (); InitHelpFileName ();
#ifndef SETUP #ifndef SETUP
#ifdef _WIN64
EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE);
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
if (!InitializeSecurityParameters(GetAppRandomSeed)) if (!InitializeSecurityParameters(GetAppRandomSeed))
AbortProcess("OUTOFMEMORY"); AbortProcess("OUTOFMEMORY");
} }
#endif
if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit()))
{ {
handleWin32Error (NULL, SRC_POS); handleWin32Error (NULL, SRC_POS);
@@ -4864,7 +4866,7 @@ static int DriverLoad ()
else else
*tmp = 0; *tmp = 0;
StringCbCatW (driverPath, sizeof(driverPath), !Is64BitOs () ? L"\\veracrypt.sys" : IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys"); StringCbCatW (driverPath, sizeof(driverPath), IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys");
file = FindFirstFile (driverPath, &find); file = FindFirstFile (driverPath, &find);
@@ -6322,19 +6324,11 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
{ {
if (thid == SHA256) if (thid == SHA256)
{ {
#ifdef _WIN64
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 26); benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 26);
#else
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 24);
#endif
} }
else else
{ {
#ifdef _WIN64
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 21) / 5; benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 21) / 5;
#else
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 18) / 5;
#endif
} }
} }
} }
@@ -6357,10 +6351,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
if (EAInitMode (ci, ci->k2)) if (EAInitMode (ci, ci->k2))
{ {
int i; int i;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (ci, VcGetEncryptionID (ci)); VcProtectKeys (ci, VcGetEncryptionID (ci));
#endif
for (i = 0; i < 10; i++) for (i = 0; i < 10; i++)
{ {
@@ -6382,10 +6374,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
if (!EAInitMode (ci, ci->k2)) if (!EAInitMode (ci, ci->k2))
goto counter_error; goto counter_error;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (ci, VcGetEncryptionID (ci)); VcProtectKeys (ci, VcGetEncryptionID (ci));
#endif
if (QueryPerformanceCounter (&performanceCountStart) == 0) if (QueryPerformanceCounter (&performanceCountStart) == 0)
goto counter_error; goto counter_error;
@@ -10198,7 +10188,7 @@ std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy)
{ {
wchar_t sysPath[TC_MAX_PATH]; wchar_t sysPath[TC_MAX_PATH];
if (Is64BitOs() && useLegacy) if (useLegacy)
{ {
typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize); typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize);
@@ -11098,8 +11088,7 @@ std::wstring GetWindowsEdition ()
else if (wcsstr(productName, L"Basic") != 0) else if (wcsstr(productName, L"Basic") != 0)
osname += L"-basic"; osname += L"-basic";
if (Is64BitOs()) osname += IsARM() ? L"-arm64" : L"-x64";
osname += IsARM() ? L"-arm64" : L"-x64";
if (CurrentOSServicePack > 0) if (CurrentOSServicePack > 0)
{ {
@@ -14237,17 +14226,14 @@ void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, B
SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList); SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList);
SHGetPathFromIDList (itemList, path); SHGetPathFromIDList (itemList, path);
if (Is64BitOs()) // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable)
wstring s = path;
size_t p = s.find (L" (x86)");
if (p != wstring::npos)
{ {
// Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) s = s.substr (0, p);
wstring s = path; if (_waccess (s.c_str(), 0) != -1)
size_t p = s.find (L" (x86)"); StringCbCopyW (path, sizeof (path), s.c_str());
if (p != wstring::npos)
{
s = s.substr (0, p);
if (_waccess (s.c_str(), 0) != -1)
StringCbCopyW (path, sizeof (path), s.c_str());
}
} }
StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\");
@@ -14820,7 +14806,7 @@ void SafeOpenURL (LPCWSTR szUrl)
} }
} }
#if !defined(SETUP) && defined(_WIN64) #if !defined(SETUP)
#define RtlGenRandom SystemFunction036 #define RtlGenRandom SystemFunction036
extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength); extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength);

2
src/Common/Dlgcode.h
View File

@@ -594,7 +594,7 @@ BitLockerEncryptionStatus GetBitLockerEncryptionStatus(WCHAR driveLetter);
BOOL IsTestSigningModeEnabled (); BOOL IsTestSigningModeEnabled ();
DWORD SendServiceNotification (DWORD dwNotificationCmd); DWORD SendServiceNotification (DWORD dwNotificationCmd);
DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize); DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize);
#ifdef _WIN64 #if !defined(SETUP)
void GetAppRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed); void GetAppRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed);
#endif #endif
BOOL IsInternetConnected(); BOOL IsInternetConnected();

6
src/Common/EncryptionThreadPool.c
View File

@@ -143,7 +143,6 @@ static TC_MUTEX DequeueMutex;
static TC_EVENT WorkItemReadyEvent; static TC_EVENT WorkItemReadyEvent;
static TC_EVENT WorkItemCompletedEvent; static TC_EVENT WorkItemCompletedEvent;
#if defined(_WIN64)
void EncryptDataUnitsCurrentThreadEx (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci) void EncryptDataUnitsCurrentThreadEx (unsigned __int8 *buf, const UINT64_STRUCT *structUnitNo, TC_LARGEST_COMPILER_UINT nbrUnits, PCRYPTO_INFO ci)
{ {
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
@@ -176,11 +175,6 @@ void DecryptDataUnitsCurrentThreadEx (unsigned __int8 *buf, const UINT64_STRUCT
DecryptDataUnitsCurrentThread (buf, structUnitNo, nbrUnits, ci); DecryptDataUnitsCurrentThread (buf, structUnitNo, nbrUnits, ci);
} }
#else
#define EncryptDataUnitsCurrentThreadEx EncryptDataUnitsCurrentThread
#define DecryptDataUnitsCurrentThreadEx DecryptDataUnitsCurrentThread
#endif
static WorkItemState GetWorkItemState (EncryptionThreadPoolWorkItem *workItem) static WorkItemState GetWorkItemState (EncryptionThreadPoolWorkItem *workItem)
{ {
return InterlockedExchangeAdd ((LONG *) &workItem->State, 0); return InterlockedExchangeAdd ((LONG *) &workItem->State, 0);

2
src/Common/Fat.c
View File

@@ -445,10 +445,8 @@ FormatFat (void* hwndDlgPtr, unsigned __int64 startSector, fatparams * ft, void
return ERR_MODE_INIT_FAILED; return ERR_MODE_INIT_FAILED;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
#endif
x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2; x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2;
while (x--) while (x--)

22
src/Common/Format.c
View File

@@ -100,10 +100,8 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
LARGE_INTEGER offset; LARGE_INTEGER offset;
BOOL bFailedRequiredDASD = FALSE; BOOL bFailedRequiredDASD = FALSE;
HWND hwndDlg = volParams->hwndDlg; HWND hwndDlg = volParams->hwndDlg;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
PCRYPTO_INFO cryptoInfoBackup = NULL; PCRYPTO_INFO cryptoInfoBackup = NULL;
#endif
FormatSectorSize = volParams->sectorSize; FormatSectorSize = volParams->sectorSize;
@@ -175,12 +173,10 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
return nStatus? nStatus : ERR_OUTOFMEMORY; return nStatus? nStatus : ERR_OUTOFMEMORY;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
} }
#endif
begin_format: begin_format:
@@ -640,7 +636,6 @@ begin_format:
goto error; goto error;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
VirtualLock (&tmpCI, sizeof (tmpCI)); VirtualLock (&tmpCI, sizeof (tmpCI));
@@ -649,7 +644,6 @@ begin_format:
cryptoInfoBackup = cryptoInfo; cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
header, header,
@@ -669,14 +663,12 @@ begin_format:
FormatSectorSize, FormatSectorSize,
FALSE); FALSE);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
cryptoInfo = cryptoInfoBackup; cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header)) if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header))
{ {
@@ -689,7 +681,6 @@ begin_format:
{ {
BOOL bUpdateBackup = FALSE; BOOL bUpdateBackup = FALSE;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
VirtualLock (&tmpCI, sizeof (tmpCI)); VirtualLock (&tmpCI, sizeof (tmpCI));
@@ -698,18 +689,15 @@ begin_format:
cryptoInfoBackup = cryptoInfo; cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE); nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, dataAreaSize, FALSE, FALSE);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
cryptoInfo = cryptoInfoBackup; cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto error; goto error;
@@ -915,9 +903,7 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num
LARGE_INTEGER startOffset; LARGE_INTEGER startOffset;
LARGE_INTEGER newOffset; LARGE_INTEGER newOffset;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
#endif
// Seek to start sector // Seek to start sector
startOffset.QuadPart = startSector * FormatSectorSize; startOffset.QuadPart = startSector * FormatSectorSize;
@@ -936,7 +922,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num
memset (sector, 0, sizeof (sector)); memset (sector, 0, sizeof (sector));
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
VirtualLock (&tmpCI, sizeof (tmpCI)); VirtualLock (&tmpCI, sizeof (tmpCI));
@@ -944,7 +929,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num
VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo)); VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo));
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
// Remember the original secondary key (XTS mode) before generating a temporary one // Remember the original secondary key (XTS mode) before generating a temporary one
memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2));
@@ -975,10 +959,8 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num
goto fail; goto fail;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
#endif
while (num_sectors--) while (num_sectors--)
{ {
@@ -1051,13 +1033,11 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, unsigned __int64 num
VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2)); VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf); TCfree (write_buf);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
return 0; return 0;
@@ -1069,13 +1049,11 @@ fail:
VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2)); VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf); TCfree (write_buf);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
SetLastError (err); SetLastError (err);
return (retVal ? retVal : ERR_OS_ERROR); return (retVal ? retVal : ERR_OS_ERROR);

4
src/Common/Random.c
View File

@@ -43,11 +43,7 @@ static HANDLE PeriodicFastPollThreadHandle = NULL;
/* Macro to add four bytes to the pool */ /* Macro to add four bytes to the pool */
#define RandaddInt32(x) RandAddInt((unsigned __int32)x); #define RandaddInt32(x) RandAddInt((unsigned __int32)x);
#ifdef _WIN64
#define RandaddIntPtr(x) RandAddInt64((unsigned __int64)x); #define RandaddIntPtr(x) RandAddInt64((unsigned __int64)x);
#else
#define RandaddIntPtr(x) RandAddInt((unsigned __int32)x);
#endif
void RandAddInt (unsigned __int32 x) void RandAddInt (unsigned __int32 x)
{ {

7
src/Common/Resource.h
View File

@@ -73,14 +73,7 @@
#define IDR_EFI_LEGACYSPEAKER 569 #define IDR_EFI_LEGACYSPEAKER 569
#define IDR_EFI_DCSBML 570 #define IDR_EFI_DCSBML 570
#define IDR_EFI_DCSRE 571 #define IDR_EFI_DCSRE 571
#define IDR_EFI_DCSBOOT32 572
#define IDR_EFI_DCSINT32 573
#define IDR_EFI_DCSCFG32 574
#define IDR_EFI_LEGACYSPEAKER32 575
#define IDR_EFI_DCSBML32 576
#define IDR_EFI_DCSRE32 577
#define IDR_EFI_DCSINFO 578 #define IDR_EFI_DCSINFO 578
#define IDR_EFI_DCSINFO32 579
#define IDC_HW_AES_LABEL_LINK 5000 #define IDC_HW_AES_LABEL_LINK 5000
#define IDC_HW_AES 5001 #define IDC_HW_AES 5001
#define IDC_PARALLELIZATION_LABEL_LINK 5002 #define IDC_PARALLELIZATION_LABEL_LINK 5002

2
src/Common/Tests.c
View File

@@ -725,10 +725,8 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci)
if (!EAInitMode (ci, key2)) if (!EAInitMode (ci, key2))
return FALSE; return FALSE;
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (ci, VcGetEncryptionID (ci)); VcProtectKeys (ci, VcGetEncryptionID (ci));
#endif
// Each data unit will contain the same plaintext // Each data unit will contain the same plaintext
for (i = 0; i < nbrUnits; i++) for (i = 0; i < nbrUnits; i++)

10
src/Common/Volumes.c
View File

@@ -559,21 +559,11 @@ KeyReady: ;
#ifdef TC_WINDOWS_DRIVER #ifdef TC_WINDOWS_DRIVER
{ {
blake2s_state ctx; blake2s_state ctx;
#ifndef _WIN64
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
KFLOATING_SAVE floatingPointState;
if (HasSSE2())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
blake2s_init (&ctx); blake2s_init (&ctx);
blake2s_update (&ctx, keyInfo->master_keydata, MASTER_KEYDATA_SIZE); blake2s_update (&ctx, keyInfo->master_keydata, MASTER_KEYDATA_SIZE);
blake2s_update (&ctx, header, sizeof(header)); blake2s_update (&ctx, header, sizeof(header));
blake2s_final (&ctx, cryptoInfo->master_keydata_hash); blake2s_final (&ctx, cryptoInfo->master_keydata_hash);
burn(&ctx, sizeof (ctx)); burn(&ctx, sizeof (ctx));
#ifndef _WIN64
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
} }
#else #else
memcpy (cryptoInfo->master_keydata, keyInfo->master_keydata, MASTER_KEYDATA_SIZE); memcpy (cryptoInfo->master_keydata, keyInfo->master_keydata, MASTER_KEYDATA_SIZE);

4
src/Crypto/chacha256.c
View File

@@ -20,7 +20,7 @@ void chacha_ECRYPT_encrypt_bytes(size_t bytes, uint32* x, const unsigned char* m
static VC_INLINE void xor_block_512(const unsigned char* in, const unsigned char* prev, unsigned char* out) static VC_INLINE void xor_block_512(const unsigned char* in, const unsigned char* prev, unsigned char* out)
{ {
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG)))
if (HasSSE2()) if (HasSSE2())
{ {
__m128i b1 = _mm_loadu_si128((const __m128i*) in); __m128i b1 = _mm_loadu_si128((const __m128i*) in);
@@ -161,7 +161,7 @@ static VC_INLINE void do_encrypt(const unsigned char* in, size_t len, unsigned c
if (len) if (len)
pos = 0; pos = 0;
#if CRYPTOPP_SSSE3_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) #if CRYPTOPP_SSSE3_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG)))
if (HasSSSE3()) if (HasSSSE3())
{ {
size_t fullblocks = len - len % 64; size_t fullblocks = len - len % 64;

21
src/Crypto/cpu.c
View File

@@ -140,11 +140,6 @@ static int TrySSE2()
return 1; return 1;
#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) && !defined(_UEFI) #elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) && !defined(_UEFI)
volatile int result = 1; volatile int result = 1;
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
if (NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)))
{
#endif
__try __try
{ {
#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE #if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE
@@ -158,12 +153,6 @@ static int TrySSE2()
{ {
result = 0; result = 0;
} }
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
}
else
return 0;
#endif
return result; return result;
#elif !defined(_UEFI) #elif !defined(_UEFI)
// longjmp and clobber warnings. Volatile is required. // longjmp and clobber warnings. Volatile is required.
@@ -293,17 +282,7 @@ static int Detect_MS_HyperV_AES ()
HvProductName[12] = 0; HvProductName[12] = 0;
if (_stricmp(HvProductName, "Microsoft Hv") == 0) if (_stricmp(HvProductName, "Microsoft Hv") == 0)
{ {
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KFLOATING_SAVE floatingPointState;
if (NT_SUCCESS (KeSaveFloatingPointState (&floatingPointState)))
{
#endif
hasAesNI = TryAESNI (); hasAesNI = TryAESNI ();
#if defined (TC_WINDOWS_DRIVER) && !defined (_WIN64)
KeRestoreFloatingPointState (&floatingPointState);
}
#endif
} }
return hasAesNI; return hasAesNI;

6
src/Crypto/kuznyechik.c
View File

@@ -2201,7 +2201,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks,
void kuznyechik_set_key(const uint8* key, kuznyechik_kds* kds) void kuznyechik_set_key(const uint8* key, kuznyechik_kds* kds)
{ {
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG)))
if(HasSSE2()) if(HasSSE2())
{ {
kuznyechik_set_key_simd (key, kds); kuznyechik_set_key_simd (key, kds);
@@ -2260,7 +2260,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks,
void kuznyechik_encrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds) void kuznyechik_encrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds)
{ {
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG)))
if(HasSSE2()) if(HasSSE2())
{ {
kuznyechik_encrypt_block_simd (out, in, kds); kuznyechik_encrypt_block_simd (out, in, kds);
@@ -2327,7 +2327,7 @@ void kuznyechik_decrypt_blocks_simd(uint8* out, const uint8* in, size_t blocks,
void kuznyechik_decrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds) void kuznyechik_decrypt_block(uint8* out, const uint8* in, kuznyechik_kds* kds)
{ {
#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG) && defined (_WIN64))) #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && !defined(_UEFI) && (!defined (TC_WINDOWS_DRIVER) || (!defined (DEBUG)))
if(HasSSE2()) if(HasSSE2())
{ {
kuznyechik_decrypt_block_simd (out, in, kds); kuznyechik_decrypt_block_simd (out, in, kds);

24
src/Driver/DriveFilter.c
View File

@@ -644,13 +644,11 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
Extension->Queue.MaxReadAheadOffset = BootDriveLength; Extension->Queue.MaxReadAheadOffset = BootDriveLength;
/* encrypt keys */ /* encrypt keys */
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
VcProtectKeys (Extension->HeaderCryptoInfo, VcGetEncryptionID (Extension->HeaderCryptoInfo)); VcProtectKeys (Extension->HeaderCryptoInfo, VcGetEncryptionID (Extension->HeaderCryptoInfo));
VcProtectKeys (Extension->Queue.CryptoInfo, VcGetEncryptionID (Extension->Queue.CryptoInfo)); VcProtectKeys (Extension->Queue.CryptoInfo, VcGetEncryptionID (Extension->Queue.CryptoInfo));
} }
#endif
status = EncryptedIoQueueStart (&Extension->Queue); status = EncryptedIoQueueStart (&Extension->Queue);
if (!NT_SUCCESS (status)) if (!NT_SUCCESS (status))
@@ -722,7 +720,6 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension)
uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart; uint64 encryptedAreaLength = Extension->Queue.EncryptedAreaEnd + 1 - Extension->Queue.EncryptedAreaStart;
uint8 *fieldPos = header + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH; uint8 *fieldPos = header + TC_HEADER_OFFSET_ENCRYPTED_AREA_LENGTH;
PCRYPTO_INFO pCryptoInfo = Extension->HeaderCryptoInfo; PCRYPTO_INFO pCryptoInfo = Extension->HeaderCryptoInfo;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
@@ -730,7 +727,6 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension)
VcUnprotectKeys (&tmpCI, VcGetEncryptionID (pCryptoInfo)); VcUnprotectKeys (&tmpCI, VcGetEncryptionID (pCryptoInfo));
pCryptoInfo = &tmpCI; pCryptoInfo = &tmpCI;
} }
#endif
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo);
@@ -748,12 +744,10 @@ static NTSTATUS SaveDriveVolumeHeader (DriveFilterExtension *Extension)
mputLong (fieldPos, headerCrc32); mputLong (fieldPos, headerCrc32);
EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); EncryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo);
#ifdef _WIN64
if (IsRamEncryptionEnabled()) if (IsRamEncryptionEnabled())
{ {
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
} }
#endif
} }
status = TCWriteDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE); status = TCWriteDevice (Extension->LowerDeviceObject, header, offset, TC_BOOT_ENCRYPTION_VOLUME_HEADER_SIZE);
@@ -991,9 +985,7 @@ static NTSTATUS DispatchPower (PDEVICE_OBJECT DeviceObject, PIRP Irp, DriveFilte
&& irpSp->Parameters.Power.Type == DevicePowerState) && irpSp->Parameters.Power.Type == DevicePowerState)
{ {
DismountDrive (Extension, TRUE); DismountDrive (Extension, TRUE);
#ifdef _WIN64
ClearSecurityParameters (); ClearSecurityParameters ();
#endif
} }
PoStartNextPowerIrp (Irp); PoStartNextPowerIrp (Irp);
@@ -1224,15 +1216,9 @@ typedef NTSTATUS (*HiberDriverWriteFunctionB) (PLARGE_INTEGER writeOffset, PMDL
typedef struct typedef struct
{ {
#ifdef _WIN64
uint8 FieldPad1[64]; uint8 FieldPad1[64];
HiberDriverWriteFunctionB WriteFunctionB; HiberDriverWriteFunctionB WriteFunctionB;
uint8 FieldPad2[56]; uint8 FieldPad2[56];
#else
uint8 FieldPad1[48];
HiberDriverWriteFunctionB WriteFunctionB;
uint8 FieldPad2[32];
#endif
HiberDriverWriteFunctionA WriteFunctionA; HiberDriverWriteFunctionA WriteFunctionA;
uint8 FieldPad3[24]; uint8 FieldPad3[24];
LARGE_INTEGER PartitionStartOffset; LARGE_INTEGER PartitionStartOffset;
@@ -1243,18 +1229,10 @@ typedef NTSTATUS (*HiberDriverEntry) (PVOID arg0, HiberDriverContext *hiberDrive
typedef struct typedef struct
{ {
LIST_ENTRY ModuleList; LIST_ENTRY ModuleList;
#ifdef _WIN64
uint8 FieldPad1[32]; uint8 FieldPad1[32];
#else
uint8 FieldPad1[16];
#endif
PVOID ModuleBaseAddress; PVOID ModuleBaseAddress;
HiberDriverEntry ModuleEntryAddress; HiberDriverEntry ModuleEntryAddress;
#ifdef _WIN64
uint8 FieldPad2[24]; uint8 FieldPad2[24];
#else
uint8 FieldPad2[12];
#endif
UNICODE_STRING ModuleName; UNICODE_STRING ModuleName;
} ModuleTableItem; } ModuleTableItem;
@@ -2180,10 +2158,8 @@ static VOID DecoySystemWipeThreadProc (PVOID threadArg)
goto err; goto err;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (wipeCryptoInfo, VcGetEncryptionID (wipeCryptoInfo)); VcProtectKeys (wipeCryptoInfo, VcGetEncryptionID (wipeCryptoInfo));
#endif
EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo); EncryptDataUnits (wipeRandBuffer, &dataUnit, wipeBlockSize / ENCRYPTION_DATA_UNIT_SIZE, wipeCryptoInfo);
memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars)); memcpy (wipeRandChars, wipeRandBuffer, sizeof (wipeRandChars));

13
src/Driver/DumpFilter.c
View File

@@ -61,15 +61,6 @@ NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZAT
goto err; goto err;
} }
// KeSaveFloatingPointState() may generate a bug check during crash dump
#if !defined (_WIN64)
if (filterExtension->DumpType == DumpTypeCrashdump)
{
dumpConfig.HwEncryptionEnabled = FALSE;
// disable also CPU extended features used in optimizations
DisableCPUExtendedFeatures ();
}
#endif
EnableHwEncryption (dumpConfig.HwEncryptionEnabled); EnableHwEncryption (dumpConfig.HwEncryptionEnabled);
@@ -129,11 +120,7 @@ NTSTATUS DumpFilterEntry (PFILTER_EXTENSION filterExtension, PFILTER_INITIALIZAT
WriteFilterBufferSize = ((SIZE_T)filterInitData->MaxPagesPerWrite) * PAGE_SIZE; WriteFilterBufferSize = ((SIZE_T)filterInitData->MaxPagesPerWrite) * PAGE_SIZE;
#ifdef _WIN64
highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL; highestAcceptableWriteBufferAddr.QuadPart = 0x7FFffffFFFFLL;
#else
highestAcceptableWriteBufferAddr.QuadPart = 0xffffFFFFLL;
#endif
WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr); WriteFilterBuffer = MmAllocateContiguousMemory (WriteFilterBufferSize, highestAcceptableWriteBufferAddr);
if (!WriteFilterBuffer) if (!WriteFilterBuffer)

12
src/Driver/Ntdriver.c
View File

@@ -217,13 +217,6 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed)
WHIRLPOOL_CTX tctx; WHIRLPOOL_CTX tctx;
size_t count; size_t count;
#ifndef _WIN64
KFLOATING_SAVE floatingPointState;
NTSTATUS saveStatus = STATUS_INVALID_PARAMETER;
if (HasISSE())
saveStatus = KeSaveFloatingPointState (&floatingPointState);
#endif
while (cbRandSeed) while (cbRandSeed)
{ {
WHIRLPOOL_init (&tctx); WHIRLPOOL_init (&tctx);
@@ -279,11 +272,6 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed)
pbRandSeed += count; pbRandSeed += count;
} }
#if !defined (_WIN64)
if (NT_SUCCESS (saveStatus))
KeRestoreFloatingPointState (&floatingPointState);
#endif
FAST_ERASE64 (digest, sizeof (digest)); FAST_ERASE64 (digest, sizeof (digest));
FAST_ERASE64 (&iSeed.QuadPart, 8); FAST_ERASE64 (&iSeed.QuadPart, 8);
FAST_ERASE64 (&iSeed2.QuadPart, 8); FAST_ERASE64 (&iSeed2.QuadPart, 8);

2
src/Driver/Ntvol.c
View File

@@ -634,10 +634,8 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
goto error; goto error;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled() && (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume)) if (IsRamEncryptionEnabled() && (volumeType == TC_VOLUME_TYPE_NORMAL || !mount->bProtectHiddenVolume))
VcProtectKeys (Extension->cryptoInfo, VcGetEncryptionID (Extension->cryptoInfo)); VcProtectKeys (Extension->cryptoInfo, VcGetEncryptionID (Extension->cryptoInfo));
#endif
Dump ("Volume header decrypted\n"); Dump ("Volume header decrypted\n");
Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion); Dump ("Required program version = %x\n", (int) Extension->cryptoInfo->RequiredProgramVersion);

12
src/ExpandVolume/ExpandVolume.c
View File

@@ -520,11 +520,9 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
BOOL backupHeader; BOOL backupHeader;
uint8 *wipeBuffer = NULL; uint8 *wipeBuffer = NULL;
uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE; uint32 workChunkSize = TC_VOLUME_HEADER_GROUP_SIZE;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
PCRYPTO_INFO cryptoInfoBackup = NULL; PCRYPTO_INFO cryptoInfoBackup = NULL;
BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled();
#endif
if (pVolumePassword->Length == 0) return -1; if (pVolumePassword->Length == 0) return -1;
@@ -703,12 +701,10 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
goto error; goto error;
} }
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
} }
#endif
if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM) if (cryptoInfo->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)
{ {
@@ -875,7 +871,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
else else
DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WRITING_ENCRYPTED_PRIMARY")); DebugAddProgressDlgStatus(hwndDlg, GetString("EXPANDER_WRITING_ENCRYPTED_PRIMARY"));
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VirtualLock (&tmpCI, sizeof (CRYPTO_INFO)); VirtualLock (&tmpCI, sizeof (CRYPTO_INFO));
@@ -884,7 +879,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfoBackup = cryptoInfo; cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
// Prepare new volume header // Prepare new volume header
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
@@ -905,14 +899,12 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfo->SectorSize, cryptoInfo->SectorSize,
FALSE ); // use slow poll FALSE ); // use slow poll
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
cryptoInfo = cryptoInfoBackup; cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO));
} }
#endif
if (ci != NULL) if (ci != NULL)
crypto_close (ci); crypto_close (ci);
@@ -945,7 +937,6 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
PCRYPTO_INFO dummyInfo = NULL; PCRYPTO_INFO dummyInfo = NULL;
LARGE_INTEGER hiddenOffset; LARGE_INTEGER hiddenOffset;
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VirtualLock (&tmpCI, sizeof (CRYPTO_INFO)); VirtualLock (&tmpCI, sizeof (CRYPTO_INFO));
@@ -954,17 +945,14 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
cryptoInfoBackup = cryptoInfo; cryptoInfoBackup = cryptoInfo;
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader); nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, cryptoInfo, newDataAreaSize, !backupHeader, backupHeader);
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
cryptoInfo = cryptoInfoBackup; cryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO)); VirtualUnlock (&tmpCI, sizeof (CRYPTO_INFO));
} }
#endif
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto error; goto error;

10
src/ExpandVolume/InitDataArea.c
View File

@@ -56,9 +56,7 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors,
LARGE_INTEGER startOffset; LARGE_INTEGER startOffset;
LARGE_INTEGER newOffset; LARGE_INTEGER newOffset;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
#endif
// Seek to start sector // Seek to start sector
startOffset.QuadPart = startSector * FormatSectorSize; startOffset.QuadPart = startSector * FormatSectorSize;
@@ -77,7 +75,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors,
memset (sector, 0, sizeof (sector)); memset (sector, 0, sizeof (sector));
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
VirtualLock (&tmpCI, sizeof (tmpCI)); VirtualLock (&tmpCI, sizeof (tmpCI));
@@ -85,7 +82,6 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors,
VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo)); VcUnprotectKeys (&tmpCI, VcGetEncryptionID (cryptoInfo));
cryptoInfo = &tmpCI; cryptoInfo = &tmpCI;
} }
#endif
// Remember the original secondary key (XTS mode) before generating a temporary one // Remember the original secondary key (XTS mode) before generating a temporary one
memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2)); memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2));
@@ -116,10 +112,8 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors,
goto fail; goto fail;
} }
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo)); VcProtectKeys (cryptoInfo, VcGetEncryptionID (cryptoInfo));
#endif
while (num_sectors--) while (num_sectors--)
{ {
@@ -154,13 +148,11 @@ int FormatNoFs (HWND hwndDlg, unsigned __int64 startSector, __int64 num_sectors,
VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2)); VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf); TCfree (write_buf);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
return 0; return 0;
@@ -172,13 +164,11 @@ fail:
VirtualUnlock (temporaryKey, sizeof (temporaryKey)); VirtualUnlock (temporaryKey, sizeof (temporaryKey));
VirtualUnlock (originalK2, sizeof (originalK2)); VirtualUnlock (originalK2, sizeof (originalK2));
TCfree (write_buf); TCfree (write_buf);
#ifdef _WIN64
if (IsRamEncryptionEnabled ()) if (IsRamEncryptionEnabled ())
{ {
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof (tmpCI)); VirtualUnlock (&tmpCI, sizeof (tmpCI));
} }
#endif
SetLastError (err); SetLastError (err);
return (retVal ? retVal : ERR_OS_ERROR); return (retVal ? retVal : ERR_OS_ERROR);

23
src/Format/InPlace.c
View File

@@ -776,9 +776,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
int pim = volParams->pim; int pim = volParams->pim;
DISK_GEOMETRY driveGeometry; DISK_GEOMETRY driveGeometry;
HWND hwndDlg = volParams->hwndDlg; HWND hwndDlg = volParams->hwndDlg;
#ifdef _WIN64
BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled();
#endif
bInPlaceEncNonSysResumed = TRUE; bInPlaceEncNonSysResumed = TRUE;
@@ -874,13 +872,11 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto closing_seq; goto closing_seq;
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo)); VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo));
VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo));
} }
#endif
remainingBytes = masterCryptoInfo->VolumeSize.Value - masterCryptoInfo->EncryptedAreaLength.Value; remainingBytes = masterCryptoInfo->VolumeSize.Value - masterCryptoInfo->EncryptedAreaLength.Value;
@@ -1102,7 +1098,6 @@ inplace_enc_read:
{ {
PCRYPTO_INFO dummyInfo = NULL; PCRYPTO_INFO dummyInfo = NULL;
#ifdef _WIN64
CRYPTO_INFO tmpCI; CRYPTO_INFO tmpCI;
PCRYPTO_INFO cryptoInfoBackup = NULL; PCRYPTO_INFO cryptoInfoBackup = NULL;
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
@@ -1113,7 +1108,6 @@ inplace_enc_read:
cryptoInfoBackup = masterCryptoInfo; cryptoInfoBackup = masterCryptoInfo;
masterCryptoInfo = &tmpCI; masterCryptoInfo = &tmpCI;
} }
#endif
nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE, nStatus = CreateVolumeHeaderInMemory (hwndDlg, FALSE,
header, header,
@@ -1133,14 +1127,12 @@ inplace_enc_read:
masterCryptoInfo->SectorSize, masterCryptoInfo->SectorSize,
wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1)); wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1));
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
masterCryptoInfo = cryptoInfoBackup; masterCryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof(tmpCI)); VirtualUnlock (&tmpCI, sizeof(tmpCI));
} }
#endif
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto closing_seq; goto closing_seq;
@@ -1155,7 +1147,6 @@ inplace_enc_read:
goto closing_seq; goto closing_seq;
} }
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VirtualLock (&tmpCI, sizeof(tmpCI)); VirtualLock (&tmpCI, sizeof(tmpCI));
@@ -1164,18 +1155,16 @@ inplace_enc_read:
cryptoInfoBackup = headerCryptoInfo; cryptoInfoBackup = headerCryptoInfo;
headerCryptoInfo = &tmpCI; headerCryptoInfo = &tmpCI;
} }
#endif
// Fill the reserved sectors of the header area with random data // Fill the reserved sectors of the header area with random data
nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE); nStatus = WriteRandomDataToReservedHeaderAreas (hwndDlg, dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE);
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
headerCryptoInfo = cryptoInfoBackup; headerCryptoInfo = cryptoInfoBackup;
burn (&tmpCI, sizeof (CRYPTO_INFO)); burn (&tmpCI, sizeof (CRYPTO_INFO));
VirtualUnlock (&tmpCI, sizeof(tmpCI)); VirtualUnlock (&tmpCI, sizeof(tmpCI));
} }
#endif
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto closing_seq; goto closing_seq;
@@ -1336,9 +1325,7 @@ int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile
int pkcs5_prf = volParams->pkcs5; int pkcs5_prf = volParams->pkcs5;
int pim = volParams->pim; int pim = volParams->pim;
DISK_GEOMETRY driveGeometry; DISK_GEOMETRY driveGeometry;
#ifdef _WIN64
BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled();
#endif
buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE); buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE);
@@ -1445,13 +1432,11 @@ int DecryptPartitionInPlace (volatile FORMAT_VOL_PARAMETERS *volParams, volatile
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto closing_seq; goto closing_seq;
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo)); VcProtectKeys (masterCryptoInfo, VcGetEncryptionID (masterCryptoInfo));
VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); VcProtectKeys (headerCryptoInfo, VcGetEncryptionID (headerCryptoInfo));
} }
#endif
if (masterCryptoInfo->LegacyVolume) if (masterCryptoInfo->LegacyVolume)
{ {
@@ -1848,9 +1833,7 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN
uint32 headerCrc32; uint32 headerCrc32;
uint8 *fieldPos; uint8 *fieldPos;
PCRYPTO_INFO pCryptoInfo = headerCryptoInfo; PCRYPTO_INFO pCryptoInfo = headerCryptoInfo;
#ifdef _WIN64
BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled(); BOOL bIsRamEncryptionEnabled = IsRamEncryptionEnabled();
#endif
header = (uint8 *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE); header = (uint8 *) TCalloc (TC_VOLUME_HEADER_EFFECTIVE_SIZE);
@@ -1871,7 +1854,6 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN
goto closing_seq; goto closing_seq;
} }
#ifdef _WIN64
if (bIsRamEncryptionEnabled) if (bIsRamEncryptionEnabled)
{ {
pCryptoInfo = crypto_open(); pCryptoInfo = crypto_open();
@@ -1884,7 +1866,6 @@ int FastVolumeHeaderUpdate (HANDLE dev, CRYPTO_INFO *headerCryptoInfo, CRYPTO_IN
memcpy (pCryptoInfo, headerCryptoInfo, sizeof (CRYPTO_INFO)); memcpy (pCryptoInfo, headerCryptoInfo, sizeof (CRYPTO_INFO));
VcUnprotectKeys (pCryptoInfo, VcGetEncryptionID (headerCryptoInfo)); VcUnprotectKeys (pCryptoInfo, VcGetEncryptionID (headerCryptoInfo));
} }
#endif
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo); DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, pCryptoInfo);
@@ -1925,12 +1906,10 @@ closing_seq:
dwError = GetLastError(); dwError = GetLastError();
#ifdef _WIN64
if (bIsRamEncryptionEnabled && pCryptoInfo) if (bIsRamEncryptionEnabled && pCryptoInfo)
{ {
crypto_close(pCryptoInfo); crypto_close(pCryptoInfo);
} }
#endif
burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); burn (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE);
VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE); VirtualUnlock (header, TC_VOLUME_HEADER_EFFECTIVE_SIZE);

2
src/Setup/Portable.vcxproj
View File

@@ -77,7 +77,7 @@
<OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\</OutDir>
<OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\</OutDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)PortableRelease\Int\</IntDir>
<LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
<LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental>

120
src/Setup/Setup.c
View File

@@ -785,7 +785,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++) for (i = 0; i < sizeof (szFiles) / sizeof (szFiles[0]); i++)
{ {
BOOL bResult, driver64 = FALSE, zipFile = FALSE; BOOL bResult, zipFile = FALSE;
wchar_t szDir[TC_MAX_PATH]; wchar_t szDir[TC_MAX_PATH];
if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0) if (wcsstr (szFiles[i], L"VeraCrypt Setup") != 0)
@@ -801,9 +801,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCbCopyW (szDir, sizeof(szDir), szDestDir); StringCbCopyW (szDir, sizeof(szDir), szDestDir);
else if (*szFiles[i] == L'D') else if (*szFiles[i] == L'D')
{ {
if (Is64BitOs ())
driver64 = TRUE;
if (!GetSystemDirectory (szDir, ARRAYSIZE (szDir))) if (!GetSystemDirectory (szDir, ARRAYSIZE (szDir)))
StringCbCopyW(szDir, sizeof(szDir), L"C:\\Windows\\System32"); StringCbCopyW(szDir, sizeof(szDir), L"C:\\Windows\\System32");
@@ -814,7 +811,10 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCbCatW (szDir, sizeof(szDir), L"Drivers\\"); StringCbCatW (szDir, sizeof(szDir), L"Drivers\\");
} }
else if (*szFiles[i] == L'W') else if (*szFiles[i] == L'W')
GetWindowsDirectory (szDir, ARRAYSIZE (szDir)); {
if (!GetWindowsDirectory(szDir, ARRAYSIZE(szDir)))
StringCbCopyW(szDir, sizeof(szDir), L"C:\\Windows");
}
if (*szFiles[i] == L'I') if (*szFiles[i] == L'I')
continue; continue;
@@ -854,17 +854,15 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCchCopyNW (curFileName, ARRAYSIZE(curFileName), szFiles[i] + 1, wcslen (szFiles[i]) - 1); StringCchCopyNW (curFileName, ARRAYSIZE(curFileName), szFiles[i] + 1, wcslen (szFiles[i]) - 1);
curFileName [wcslen (szFiles[i]) - 1] = 0; curFileName [wcslen (szFiles[i]) - 1] = 0;
if (Is64BitOs () if ((wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) || (wcscmp (szFiles[i], L"Averacrypt.sys") == 0))
&& ((wcscmp (szFiles[i], L"Dveracrypt.sys") == 0) || (wcscmp (szFiles[i], L"Averacrypt.sys") == 0)))
{ {
if (IsARM()) if (IsARM())
StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.sys", sizeof(L"veracrypt-arm64.sys")); StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.sys", sizeof(L"veracrypt-arm64.sys"));
else else
StringCbCopyNW (curFileName, sizeof(curFileName), FILENAME_64BIT_DRIVER, sizeof (FILENAME_64BIT_DRIVER)); StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-x64.sys", sizeof(L"veracrypt-x64.sys"));
} }
if (Is64BitOs () if (wcscmp (szFiles[i], L"Averacrypt.cat") == 0)
&& wcscmp (szFiles[i], L"Averacrypt.cat") == 0)
{ {
if (IsARM()) if (IsARM())
StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.cat", sizeof(L"veracrypt-arm64.cat")); StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-arm64.cat", sizeof(L"veracrypt-arm64.cat"));
@@ -872,8 +870,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-x64.cat", sizeof (L"veracrypt-x64.cat")); StringCbCopyNW (curFileName, sizeof(curFileName), L"veracrypt-x64.cat", sizeof (L"veracrypt-x64.cat"));
} }
if (Is64BitOs () if (wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0)
&& wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0)
{ {
if (IsARM()) if (IsARM())
StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-arm64.exe", sizeof(L"VeraCrypt-arm64.exe")); StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-arm64.exe", sizeof(L"VeraCrypt-arm64.exe"));
@@ -881,8 +878,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-x64.exe", sizeof (L"VeraCrypt-x64.exe")); StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt-x64.exe", sizeof (L"VeraCrypt-x64.exe"));
} }
if (Is64BitOs () if (wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0)
&& wcscmp (szFiles[i], L"AVeraCryptExpander.exe") == 0)
{ {
if (IsARM()) if (IsARM())
StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-arm64.exe", sizeof(L"VeraCryptExpander-arm64.exe")); StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-arm64.exe", sizeof(L"VeraCryptExpander-arm64.exe"));
@@ -890,8 +886,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-x64.exe", sizeof (L"VeraCryptExpander-x64.exe")); StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCryptExpander-x64.exe", sizeof (L"VeraCryptExpander-x64.exe"));
} }
if (Is64BitOs () if (wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0)
&& wcscmp (szFiles[i], L"AVeraCrypt Format.exe") == 0)
{ {
if (IsARM()) if (IsARM())
StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format-arm64.exe", sizeof(L"VeraCrypt Format-arm64.exe")); StringCbCopyNW (curFileName, sizeof(curFileName), L"VeraCrypt Format-arm64.exe", sizeof(L"VeraCrypt Format-arm64.exe"));
@@ -914,7 +909,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
min (wcslen (curFileName), (size_t) Decompressed_Files[fileNo].fileNameLength)) == 0) min (wcslen (curFileName), (size_t) Decompressed_Files[fileNo].fileNameLength)) == 0)
{ {
// Dump filter driver cannot be installed to SysWOW64 directory // Dump filter driver cannot be installed to SysWOW64 directory
if (driver64 && !EnableWow64FsRedirection (FALSE)) if (!EnableWow64FsRedirection (FALSE))
{ {
handleWin32Error (hwndDlg, SRC_POS); handleWin32Error (hwndDlg, SRC_POS);
bResult = FALSE; bResult = FALSE;
@@ -939,46 +934,40 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
TRUE); TRUE);
} }
if (driver64)
if (!EnableWow64FsRedirection (TRUE))
{ {
if (!EnableWow64FsRedirection (TRUE)) handleWin32Error (hwndDlg, SRC_POS);
{ bResult = FALSE;
handleWin32Error (hwndDlg, SRC_POS); goto err;
bResult = FALSE;
goto err;
}
if (!bResult)
goto err;
} }
if (!bResult)
goto err;
break; break;
} }
} }
} }
else else
{ {
if (driver64) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
bResult = TCCopyFile (curFileName, szTmp); bResult = TCCopyFile (curFileName, szTmp);
if (driver64) EnableWow64FsRedirection (TRUE);
EnableWow64FsRedirection (TRUE);
} }
if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0)
{ {
if (Is64BitOs ()) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false);
wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true);
wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false);
wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true);
if (bResult && Is64BitOs () if (bResult
&& FileExists (favoritesLegacyFile.c_str()) && FileExists (favoritesLegacyFile.c_str())
&& !FileExists (favoritesFile.c_str())) && !FileExists (favoritesFile.c_str()))
{ {
@@ -1027,41 +1016,35 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
catch (...) {} catch (...) {}
} }
if (Is64BitOs ()) // delete files from legacy path
if (FileExists (favoritesLegacyFile.c_str()))
{ {
// delete files from legacy path RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str());
if (FileExists (favoritesLegacyFile.c_str())) ForceDeleteFile (favoritesLegacyFile.c_str());
{
RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str());
ForceDeleteFile (favoritesLegacyFile.c_str());
}
if (FileExists (serviceLegacyPath.c_str()))
{
RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
if (FileExists (serviceLegacyPath.c_str()))
{
RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
} }
} }
else else
{ {
if (driver64) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
if (zipFile) if (zipFile)
bResult = StatRemoveDirectory (szTmp); bResult = StatRemoveDirectory (szTmp);
else else
bResult = StatDeleteFile (szTmp, TRUE); bResult = StatDeleteFile (szTmp, TRUE);
if (driver64) EnableWow64FsRedirection (TRUE);
EnableWow64FsRedirection (TRUE);
if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0) if (bResult && wcscmp (szFiles[i], L"AVeraCrypt.exe") == 0)
{ {
if (Is64BitOs ()) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false);
wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true);
@@ -1081,22 +1064,19 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
ForceDeleteFile (servicePath.c_str()); ForceDeleteFile (servicePath.c_str());
} }
if (Is64BitOs ()) if (FileExists (favoritesLegacyFile.c_str()))
{ {
if (FileExists (favoritesLegacyFile.c_str())) RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str());
{ ForceDeleteFile (favoritesLegacyFile.c_str());
RemoveMessage (hwndDlg, (wchar_t *) favoritesLegacyFile.c_str());
ForceDeleteFile (favoritesLegacyFile.c_str());
}
if (FileExists (serviceLegacyPath.c_str()))
{
RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
if (FileExists (serviceLegacyPath.c_str()))
{
RemoveMessage (hwndDlg, (wchar_t *) serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
} }

6
src/Setup/Setup.h
View File

@@ -42,9 +42,6 @@ static wchar_t *szCompressedFiles[]=
L"License.txt", L"License.txt",
L"LICENSE", L"LICENSE",
L"NOTICE", L"NOTICE",
L"VeraCrypt.exe",
L"VeraCryptExpander.exe",
L"VeraCrypt Format.exe",
L"VeraCrypt-x64.exe", L"VeraCrypt-x64.exe",
L"VeraCryptExpander-x64.exe", L"VeraCryptExpander-x64.exe",
L"VeraCrypt Format-x64.exe", L"VeraCrypt Format-x64.exe",
@@ -52,8 +49,6 @@ static wchar_t *szCompressedFiles[]=
L"VeraCryptExpander-arm64.exe", L"VeraCryptExpander-arm64.exe",
L"VeraCrypt Format-arm64.exe", L"VeraCrypt Format-arm64.exe",
L"veracrypt.inf", L"veracrypt.inf",
L"veracrypt.cat",
L"veracrypt.sys",
L"veracrypt-x64.cat", L"veracrypt-x64.cat",
L"veracrypt-x64.sys", L"veracrypt-x64.sys",
L"veracrypt-arm64.cat", L"veracrypt-arm64.cat",
@@ -74,7 +69,6 @@ static wchar_t *szLegacyFiles[]=
L"veracrypt-x64.sys", L"veracrypt-x64.sys",
}; };
#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys"
#define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) #define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0]))
void localcleanup (void); void localcleanup (void);

2
src/Setup/Setup.vcxproj
View File

@@ -77,7 +77,7 @@
<OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\</OutDir>
<OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\</OutDir> <OutDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\</OutDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)Release\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(ProjectDir)Release\Int\</IntDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">$(ProjectDir)Release\Int\</IntDir>
<IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\Int\</IntDir> <IntDir Condition="'$(Configuration)|$(Platform)'=='ReleaseCustomEFI|Win32'">$(ProjectDir)Release\Int\</IntDir>
<LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">false</LinkIncremental>
<LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental> <LinkIncremental Condition="'$(Configuration)|$(Platform)'=='Release_SkipOsDriverReqCheck|Win32'">false</LinkIncremental>

61
src/SetupDLL/Setup.c
View File

@@ -2499,16 +2499,14 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostInstall(MSIHANDLE hInstaller)
StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szInstallDir.c_str(), L"VeraCrypt.exe"); StringCbPrintfW (szTmp, sizeof(szTmp), L"%s%s", szInstallDir.c_str(), L"VeraCrypt.exe");
if (Is64BitOs ()) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false);
wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true);
wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false);
wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true);
if (Is64BitOs () if (FileExists (favoritesLegacyFile.c_str())
&& FileExists (favoritesLegacyFile.c_str())
&& !FileExists (favoritesFile.c_str())) && !FileExists (favoritesFile.c_str()))
{ {
// copy the favorites XML file to the native system directory // copy the favorites XML file to the native system directory
@@ -2565,24 +2563,21 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostInstall(MSIHANDLE hInstaller)
catch (...) {} catch (...) {}
} }
if (Is64BitOs ()) // delete files from legacy path
if (FileExists (favoritesLegacyFile.c_str()))
{ {
// delete files from legacy path MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", favoritesLegacyFile.c_str());
if (FileExists (favoritesLegacyFile.c_str())) ForceDeleteFile (favoritesLegacyFile.c_str());
{
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", favoritesLegacyFile.c_str());
ForceDeleteFile (favoritesLegacyFile.c_str());
}
if (FileExists (serviceLegacyPath.c_str()))
{
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
if (FileExists (serviceLegacyPath.c_str()))
{
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostInstall: REMOVING %s", serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
if (bResult == FALSE) if (bResult == FALSE)
{ {
LPVOID lpMsgBuf; LPVOID lpMsgBuf;
@@ -3223,8 +3218,7 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostUninstall(MSIHANDLE hInstaller)
// Last part of DoFilesInstall() // Last part of DoFilesInstall()
{ {
if (Is64BitOs ()) EnableWow64FsRedirection (FALSE);
EnableWow64FsRedirection (FALSE);
wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false); wstring servicePath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", false);
wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true); wstring serviceLegacyPath = GetServiceConfigPath (_T(TC_APP_NAME) L".exe", true);
@@ -3244,23 +3238,20 @@ EXTERN_C UINT STDAPICALLTYPE VC_CustomAction_PostUninstall(MSIHANDLE hInstaller)
ForceDeleteFile (servicePath.c_str()); ForceDeleteFile (servicePath.c_str());
} }
if (Is64BitOs ()) if (FileExists (favoritesLegacyFile.c_str()))
{ {
if (FileExists (favoritesLegacyFile.c_str())) MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", favoritesLegacyFile.c_str());
{ ForceDeleteFile (favoritesLegacyFile.c_str());
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", favoritesLegacyFile.c_str());
ForceDeleteFile (favoritesLegacyFile.c_str());
}
if (FileExists (serviceLegacyPath.c_str()))
{
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
} }
if (FileExists (serviceLegacyPath.c_str()))
{
MSILog(hInstaller, MSI_ERROR_LEVEL, L"VC_CustomAction_PostUninstall: REMOVING %s", serviceLegacyPath.c_str());
ForceDeleteFile (serviceLegacyPath.c_str());
}
EnableWow64FsRedirection (TRUE);
// remove the installation folder is case it remains after uninstall // remove the installation folder is case it remains after uninstall
if (DirectoryExists (szInstallDir.c_str())) if (DirectoryExists (szInstallDir.c_str()))
{ {

6
src/SetupDLL/Setup.h
View File

@@ -42,9 +42,6 @@ static wchar_t *szCompressedFiles[]=
L"License.txt", L"License.txt",
L"LICENSE", L"LICENSE",
L"NOTICE", L"NOTICE",
L"VeraCrypt.exe",
L"VeraCryptExpander.exe",
L"VeraCrypt Format.exe",
L"VeraCrypt-x64.exe", L"VeraCrypt-x64.exe",
L"VeraCryptExpander-x64.exe", L"VeraCryptExpander-x64.exe",
L"VeraCrypt Format-x64.exe", L"VeraCrypt Format-x64.exe",
@@ -52,8 +49,6 @@ static wchar_t *szCompressedFiles[]=
L"VeraCryptExpander-arm64.exe", L"VeraCryptExpander-arm64.exe",
L"VeraCrypt Format-arm64.exe", L"VeraCrypt Format-arm64.exe",
L"veracrypt.inf", L"veracrypt.inf",
L"veracrypt.cat",
L"veracrypt.sys",
L"veracrypt-x64.cat", L"veracrypt-x64.cat",
L"veracrypt-x64.sys", L"veracrypt-x64.sys",
L"veracrypt-arm64.cat", L"veracrypt-arm64.cat",
@@ -74,7 +69,6 @@ static wchar_t *szLegacyFiles[]=
L"veracrypt-x64.sys", L"veracrypt-x64.sys",
}; };
#define FILENAME_64BIT_DRIVER L"veracrypt-x64.sys"
#define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0])) #define NBR_COMPRESSED_FILES (sizeof(szCompressedFiles) / sizeof(szCompressedFiles[0]))
void localcleanup (void); void localcleanup (void);

2
src/Signing/sign.bat
View File

@@ -10,7 +10,7 @@ call "..\..\doc\chm\create_chm.bat"
cd %SIGNINGPATH% cd %SIGNINGPATH%
rem sign using SHA-256 rem sign using SHA-256
signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll" signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll"
rem create setup and MSI rem create setup and MSI
cd "..\Release\Setup Files\" cd "..\Release\Setup Files\"

4
src/Signing/sign_TESTSIGNING.bat
View File

@@ -6,9 +6,9 @@ set SIGNINGPATH=%~dp0
cd %SIGNINGPATH% cd %SIGNINGPATH%
rem sign using SHA-256 rem sign using SHA-256
signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys"
signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" "..\Release\Setup Files\VeraCryptSetup.dll" signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" "..\Release\Setup Files\VeraCryptSetup.dll"
rem create setup and MSI rem create setup and MSI
cd "..\Release\Setup Files\" cd "..\Release\Setup Files\"

4
src/Signing/sign_test.bat
View File

@@ -16,12 +16,12 @@ call "..\..\doc\chm\create_chm.bat"
cd %SIGNINGPATH% cd %SIGNINGPATH%
rem sign using SHA-1 rem sign using SHA-1
signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.digicert.com "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" signtool sign /v /a /f %PFXNAME% /p %PFXPASSWORD% /ac %PFXCA% /fd sha1 /t http://timestamp.digicert.com "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe"
timeout /t 10 timeout /t 10
rem sign using SHA-256 rem sign using SHA-256
signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Release\Setup Files\veracrypt.sys" "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe" signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /as /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Release\Setup Files\veracrypt-x64.sys" "..\Release\Setup Files\veracrypt-arm64.sys" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCrypt COMReg.exe"
rem create setup and MSI rem create setup and MSI
cd "..\Release\Setup Files\" cd "..\Release\Setup Files\"

2
src/Signing/sign_test_debug.bat
View File

@@ -17,7 +17,7 @@ cd %SIGNINGPATH%
rem sign using SHA-256 rem sign using SHA-256
signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Debug\Setup Files\veracrypt.sys" "..\Debug\Setup Files\veracrypt-x64.sys" "..\Debug\Setup Files\veracrypt-arm64.sys" "..\Debug\Setup Files\VeraCrypt.exe" "..\Debug\Setup Files\VeraCrypt Format.exe" "..\Debug\Setup Files\VeraCryptExpander.exe" "..\Debug\Setup Files\VeraCrypt-x64.exe" "..\Debug\Setup Files\VeraCrypt Format-x64.exe" "..\Debug\Setup Files\VeraCryptExpander-x64.exe" "..\Debug\Setup Files\VeraCrypt-arm64.exe" "..\Debug\Setup Files\VeraCrypt Format-arm64.exe" "..\Debug\Setup Files\VeraCryptExpander-arm64.exe" "..\Debug\Setup Files\VeraCrypt COMReg.exe" signtool sign /v /a /f %SHA256PFXNAME% /p %SHA256PFXPASSWORD% /ac %SHA256PFXCA% /fd sha256 /tr http://rfc3161timestamp.globalsign.com/advanced /td SHA256 "..\Debug\Setup Files\veracrypt-x64.sys" "..\Debug\Setup Files\veracrypt-arm64.sys" "..\Debug\Setup Files\VeraCrypt-x64.exe" "..\Debug\Setup Files\VeraCrypt Format-x64.exe" "..\Debug\Setup Files\VeraCryptExpander-x64.exe" "..\Debug\Setup Files\VeraCrypt-arm64.exe" "..\Debug\Setup Files\VeraCrypt Format-arm64.exe" "..\Debug\Setup Files\VeraCryptExpander-arm64.exe" "..\Debug\Setup Files\VeraCrypt COMReg.exe"
rem create setup and MSI rem create setup and MSI
cd "..\Debug\Setup Files\" cd "..\Debug\Setup Files\"