diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..6f9d4c0
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,29 @@
+# DCS 2.00 Changelog
+
+- Moved DcsConfig.h from VeraCryptLib to DcsCfgLib and using it to preset compile time options
+-- DCS_CAPTION defines the loader name string as used in various places for display
+-- DCS_DIRECTORY defines the sub folder inside the EFI folder into which DCS is being installed
+-- DCS_VERSION defines the version as integer that for display is parsed like "%d.%02d%", DCS_VERSION / 100, DCS_VERSION % 100
+-- See the file for more options...
+
+- Added Visual Studio project files for a more convenient editing
+
+- Added ability for a basic key remapping to support keyboards other than QWERTY, now supporting also QWERTZ and AZERTY
+
+- Added support for wchar passwords
+
+- Added new DcsProp value VerboseDebug enabling a lot of useful debut output
+
+- Addes support for wchar values in DcsProp ConfigReadStringW
+
+- Added option to display the letters in picture password but not the entered password to use the feature as on-screen keyboard
+
+- Separated VeraCrypt specific code from DcsInt into VeraCryptLib/DcsVeraCryptImpl.c
+-- Split IO Hooking code into a separate library DcsIntlib
+-- Moved Xml.c/h to DcsCfgLib
+-- Added ability to hook more than one disk drive AddCryptoMount
+-- Added support for DiskCryptor in DiskCryptorLib
+-- Added mechanism to select Disk Encryption support modules VeraCrypt/DiskCryptor
+
+- Fixed data leak when HaltPrint gets triggered to clean bootParams in addition to all other sensitiv data
+- Fied memory leek in VCCONFIG_ALLOC
diff --git a/DcsAll.vcxproj b/DcsAll.vcxproj
new file mode 100644
index 0000000..8f0c554
--- /dev/null
+++ b/DcsAll.vcxproj
@@ -0,0 +1,88 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _DEBUG;$(NMakePreprocessorDefinitions)
+
+
+ WIN32;_DEBUG;$(NMakePreprocessorDefinitions)
+
+
+ DcsAll.exe
+ WIN32;NDEBUG;$(NMakePreprocessorDefinitions)
+
+
+ DcsAll.exe
+ NDEBUG;$(NMakePreprocessorDefinitions)
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsAll.vcxproj.filters b/DcsAll.vcxproj.filters
new file mode 100644
index 0000000..3780062
--- /dev/null
+++ b/DcsAll.vcxproj.filters
@@ -0,0 +1,25 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Resource Files
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsAll.vcxproj.user b/DcsAll.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsAll.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsBml/DcsBml.c b/DcsBml/DcsBml.c
index dd19a30..f8eb06e 100644
--- a/DcsBml/DcsBml.c
+++ b/DcsBml/DcsBml.c
@@ -22,6 +22,7 @@ The full text of the license may be found at
#include
#include
+#include
#include "DcsBml.h"
//////////////////////////////////////////////////////////////////////////
@@ -83,8 +84,8 @@ BmlVirtualNotifyEvent(
//////////////////////////////////////////////////////////////////////////
// Boot order
//////////////////////////////////////////////////////////////////////////
-CHAR16* sDcsBootEfi = L"EFI\\VeraCrypt\\DcsBoot.efi";
-CHAR16* sDcsBootEfiDesc = L"VeraCrypt(DCS) loader";
+CHAR16* sDcsBootEfi = L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi";
+CHAR16* sDcsBootEfiDesc = _T(DCS_CAPTION) L"(Dsc) loader";
EFI_STATUS
UpdateBootOrder()
diff --git a/DcsBml/DcsBml.vcxproj b/DcsBml/DcsBml.vcxproj
new file mode 100644
index 0000000..8094cea
--- /dev/null
+++ b/DcsBml/DcsBml.vcxproj
@@ -0,0 +1,100 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsBml.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsBml.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsBml/DcsBml.vcxproj.filters b/DcsBml/DcsBml.vcxproj.filters
new file mode 100644
index 0000000..de82bca
--- /dev/null
+++ b/DcsBml/DcsBml.vcxproj.filters
@@ -0,0 +1,41 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsBml/DcsBml.vcxproj.user b/DcsBml/DcsBml.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsBml/DcsBml.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsBoot/DcsBoot.c b/DcsBoot/DcsBoot.c
index 7029a10..356958f 100644
--- a/DcsBoot/DcsBoot.c
+++ b/DcsBoot/DcsBoot.c
@@ -3,6 +3,7 @@
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials
are licensed and made available under the terms and conditions
@@ -19,7 +20,7 @@ The full text of the license may be found at
#include
#include
#include
-#include "DcsConfig.h"
+#include
#include
#include
@@ -31,6 +32,9 @@ CHAR16 *gEfiExecCmd = NULL;
CHAR8 gDoExecCmdMsg[256];
CONST CHAR8* g_szMsBootString = "bootmgfw.pdb";
+//////////////////////////////////////////////////////////////////////////
+// EFI boot
+//////////////////////////////////////////////////////////////////////////
EFI_STATUS
DoExecCmd()
{
@@ -40,11 +44,13 @@ DoExecCmd()
if (!EFI_ERROR(res)) {
res = FileOpenRoot(gFileRootHandle, &gFileRoot);
if (!EFI_ERROR(res)) {
+#ifndef NO_BML
UINT32 lockFlags = 0;
// Lock EFI boot variables
InitBml();
lockFlags = ConfigReadInt("DcsBmlLockFlags", BML_LOCK_SETVARIABLE | BML_SET_BOOTNEXT | BML_UPDATE_BOOTORDER);
BmlLock(lockFlags);
+#endif
res = EfiExec(NULL, gEfiExecCmd);
if (EFI_ERROR(res))
AsciiSPrint(gDoExecCmdMsg, sizeof(gDoExecCmdMsg), "\nCan't exec %s start partition %g\n", gEfiExecCmd, gEfiExecPartGuid);
@@ -60,8 +66,8 @@ DoExecCmd()
}
EFI_STATUS
-ExecMSWindowsLoader() {
-
+ExecMSWindowsLoader()
+{
if (!EFI_ERROR(FileExist(NULL, gEfiExecCmdDefault)))
return EfiExec(NULL, gEfiExecCmdDefault);
else
@@ -87,16 +93,17 @@ ExecMSWindowsLoader() {
}
ERR_PRINT(L"Could not find the original Windows loader\r\n");
-
+
return EFI_NOT_READY;
}
}
//////////////////////////////////////////////////////////////////////////
-// BML
+// BML - Boot Menu Lock
//////////////////////////////////////////////////////////////////////////
-CHAR16* sDcsBmlEfi = L"EFI\\VeraCrypt\\DcsBml.dcs";
-CHAR16* sDcsBmlEfiDesc = L"VeraCrypt(DcsBml) driver";
+#ifndef NO_BML
+CHAR16* sDcsBmlEfi = L"EFI\\" DCS_DIRECTORY L"\\DcsBml.dcs";
+CHAR16* sDcsBmlEfiDesc = _T(DCS_CAPTION) L"(DcsBml) driver";
CHAR16* sDcsBmlDriverVar = L"DriverDC5B";
UINT16 DcsBmlDriverNum = 0x0DC5B;
@@ -137,6 +144,7 @@ UpdateDriverBmlStart() {
}
MEM_FREE(tmp);
}
+#endif
/**
The actual entry point for the application.
@@ -155,40 +163,55 @@ DcsBootMain(
IN EFI_SYSTEM_TABLE *SystemTable
)
{
- EFI_STATUS res;
+ EFI_STATUS res;
UINTN len;
UINT32 attr;
BOOLEAN searchOnESP = FALSE;
BOOLEAN searchMsOnESP = FALSE;
- EFI_GUID *pEfiExecPartBackup = NULL;
+ EFI_GUID *pEfiExecPartBackup = NULL;
// EFI_INPUT_KEY key;
- InitBio();
- res = InitFS();
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"InitFS %r\n", res);
- }
+#ifdef DEBUG_BUILD
+ OUT_PRINT(L"DcsBoot - DEBUG Build %s %s\n", _T(__DATE__), _T(__TIME__));
+#endif
+
+ InitBio(); // Initialize Block IO
+ res = InitFS(); // Initialize FileSystem
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"InitFS %r\n", res);
+ }
+ InitConfig(CONFIG_FILE_PATH); // Initialize Config
- // BML installed?
- if (EFI_ERROR(InitBml())) {
+ if (gConfigDebug) {
+ OUT_PRINT(L"FS Root: ");
+ EfiPrintDevicePath(gFileRootHandle);
+ OUT_PRINT(L"\n");
+ }
+
+#ifndef NO_BML
+ // BML installed?
+ if (EFI_ERROR(InitBml())) {
// if not -> execute
- EfiExec(NULL, sDcsBmlEfi);
- }
+ EfiExec(NULL, sDcsBmlEfi); // Install the Boot Menu Lock
+ }
- UpdateDriverBmlStart();
+ UpdateDriverBmlStart();
+#endif
- // Try platform info
- if (EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\PlatformInfo")) &&
- !EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\DcsInfo.dcs"))) {
- res = EfiExec(NULL, L"\\EFI\\VeraCrypt\\DcsInfo.dcs");
+ // Dump platform info
+ if (EFI_ERROR(FileExist(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\PlatformInfo")) &&
+ !EFI_ERROR(FileExist(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\DcsInfo.dcs"))) {
+ OUT_PRINT(L"Collecting Platform informations...\n");
+ res = EfiExec(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\DcsInfo.dcs");
if (!EFI_ERROR(res) &&
- !EFI_ERROR(FileExist(NULL, L"\\EFI\\VeraCrypt\\PlatformInfo"))) {
+ !EFI_ERROR(FileExist(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\PlatformInfo"))) {
+ KeyWait(L"PlatformInfo generated, rebooting in %02d s\r", 10, 0, 0);
gST->RuntimeServices->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
}
}
// Load all drivers
- res = EfiExec(NULL, L"\\EFI\\VeraCrypt\\LegacySpeaker.dcs");
+ EfiExec(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\LegacySpeaker.dcs"); // driver for ordinary speaker (beep)
res = EfiGetPartGUID(gFileRootHandle, &ImagePartGuid);
if (EFI_ERROR(res)) {
@@ -196,12 +219,15 @@ DcsBootMain(
return res;
}
+ // set default boot partition and file
EfiSetVar(L"DcsExecPartGuid", NULL, &ImagePartGuid, sizeof(EFI_GUID), EFI_VARIABLE_BOOTSERVICE_ACCESS);
EfiSetVar(L"DcsExecCmd", NULL, gEfiExecCmdDefault, (StrLen(gEfiExecCmdDefault) + 1) * 2, EFI_VARIABLE_BOOTSERVICE_ACCESS);
+
// Authorize
gBS->SetWatchdogTimer(0, 0, 0, NULL);
- res = EfiExec(NULL, L"\\EFI\\VeraCrypt\\DcsInt.dcs");
- if (EFI_ERROR(res) && (res != EFI_DCS_POSTEXEC_REQUESTED)) {
+ res = EfiExec(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\DcsInt.dcs");
+
+ if (EFI_ERROR(res) && (res != EFI_DCS_POSTEXEC_REQUESTED)) {
// Clear DcsExecPartGuid before execute OS to avoid problem in VirtualBox with reboot.
EfiSetVar(L"DcsExecPartGuid", NULL, NULL, 0, EFI_VARIABLE_BOOTSERVICE_ACCESS);
@@ -224,10 +250,10 @@ DcsBootMain(
else if (res == EFI_DCS_USER_CANCELED)
{
/* If user cancels password prompt, call original Windows loader */
- res = ExecMSWindowsLoader ();
+ res = ExecMSWindowsLoader();
}
return res;
- }
+ }
res = EfiGetVar(L"DcsExecPartGuid", NULL, &gEfiExecPartGuid, &len, &attr);
if (EFI_ERROR(res)) {
@@ -246,16 +272,26 @@ DcsBootMain(
searchMsOnESP = CompareGuid(gEfiExecPartGuid, &ImagePartGuid) &&
EFI_ERROR(FileExist(NULL, gEfiExecCmdMS));
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"DcsExecPartGuid %g\n", gEfiExecPartGuid);
+ OUT_PRINT(L"DcsExecCmd %s\n", gEfiExecCmd);
+ }
// Clear DcsExecPartGuid before execute OS to avoid problem in VirtualBox with reboot.
EfiSetVar(L"DcsExecPartGuid", NULL, NULL, 0, EFI_VARIABLE_BOOTSERVICE_ACCESS);
EfiSetVar(L"DcsExecCmd", NULL, NULL, 0, EFI_VARIABLE_BOOTSERVICE_ACCESS);
// Find new start partition
- ConnectAllEfi();
+ ConnectAllEfi(); // this applyes the installed IO hook
InitBio();
res = InitFS();
+ if (gConfigDebug) {
+ KeyWait(L"Attempting to boot Windows in %02d s\r", 30, 0, 0);
+ OUT_PRINT(L"\n");
+ }
+
while (1)
{
// Default load of bootmgfw?
@@ -302,5 +338,5 @@ DcsBootMain(
}
ERR_PRINT(L"%a\nStatus - %r", gDoExecCmdMsg, res);
EfiCpuHalt();
- return EFI_INVALID_PARAMETER;
+ return EFI_INVALID_PARAMETER;
}
diff --git a/DcsBoot/DcsBoot.inf b/DcsBoot/DcsBoot.inf
index c8c3aa5..423bc70 100644
--- a/DcsBoot/DcsBoot.inf
+++ b/DcsBoot/DcsBoot.inf
@@ -41,7 +41,7 @@
BaseLib
MemoryAllocationLib
CommonLib
- VeraCryptLib
+ DcsCfgLib
[Guids]
gEfiGlobalVariableGuid
diff --git a/DcsBoot/DcsBoot.vcxproj b/DcsBoot/DcsBoot.vcxproj
new file mode 100644
index 0000000..9454df8
--- /dev/null
+++ b/DcsBoot/DcsBoot.vcxproj
@@ -0,0 +1,94 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsBoot.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsBoot.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsBoot/DcsBoot.vcxproj.filters b/DcsBoot/DcsBoot.vcxproj.filters
new file mode 100644
index 0000000..dc8b76d
--- /dev/null
+++ b/DcsBoot/DcsBoot.vcxproj.filters
@@ -0,0 +1,27 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsBoot/DcsBoot.vcxproj.user b/DcsBoot/DcsBoot.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsBoot/DcsBoot.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsCfg/DcsCfg.vcxproj b/DcsCfg/DcsCfg.vcxproj
new file mode 100644
index 0000000..459b11f
--- /dev/null
+++ b/DcsCfg/DcsCfg.vcxproj
@@ -0,0 +1,105 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\ShellPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\ShellPkg\Include
+
+
+ DcsCfg.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\ShellPkg\Include
+
+
+ DcsCfg.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\ShellPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsCfg/DcsCfg.vcxproj.filters b/DcsCfg/DcsCfg.vcxproj.filters
new file mode 100644
index 0000000..2084366
--- /dev/null
+++ b/DcsCfg/DcsCfg.vcxproj.filters
@@ -0,0 +1,56 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Header Files
+
+
+
+
+ Resource Files
+
+
+ Resource Files
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/DcsCfg/DcsCfg.vcxproj.user b/DcsCfg/DcsCfg.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsCfg/DcsCfg.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsCfg/DcsCfgCrypt.c b/DcsCfg/DcsCfgCrypt.c
index a30d97c..1c45823 100644
--- a/DcsCfg/DcsCfgCrypt.c
+++ b/DcsCfg/DcsCfgCrypt.c
@@ -26,6 +26,7 @@ The full text of the license may be found at
#include
#include
#include
+#include
#include "common/Tcdefs.h"
#include "common/Endian.h"
@@ -924,7 +925,7 @@ OSDecrypt()
return res;
}
-CHAR16* sOSKeyBackup = L"EFI\\VeraCrypt\\svh_bak";
+CHAR16* sOSKeyBackup = L"EFI\\" DCS_DIRECTORY L"\\svh_bak";
// dirty import from GptEdit
extern DCS_DISK_ENTRY_DISKID DeDiskId;
diff --git a/DcsCfg/DcsCfgMain.c b/DcsCfg/DcsCfgMain.c
index 8e3ad81..4089181 100644
--- a/DcsCfg/DcsCfgMain.c
+++ b/DcsCfg/DcsCfgMain.c
@@ -24,7 +24,8 @@ The full text of the license may be found at
#include
#include "DcsCfg.h"
-#include "Library/PasswordLib.h"
+#include
+#include
#include "common/Tcdefs.h"
#include "crypto/cpu.h"
@@ -201,6 +202,7 @@ DcsCfgMain(
InitBio();
InitFS();
+ InitConfig(CONFIG_FILE_PATH);
DetectX86Features();
//
diff --git a/DcsCfg/DcsCfgTpm.c b/DcsCfg/DcsCfgTpm.c
index 5880c19..a14f7b6 100644
--- a/DcsCfg/DcsCfgTpm.c
+++ b/DcsCfg/DcsCfgTpm.c
@@ -16,7 +16,7 @@ The full text of the license may be found at
#include
#include
#include
-#include "DcsVeraCrypt.h"
+//#include "DcsVeraCrypt.h"
EFI_STATUS
Tpm12ListPcrs(
@@ -74,8 +74,8 @@ EFI_STATUS
TpmDcsConfigure(
) {
EFI_STATUS res;
- Password pwd;
- ZeroMem(&pwd, sizeof(pwd));
+ DePassword pwd;
+ MEM_BURN(&pwd, sizeof(pwd));
CE(GetTpm());
CE(RndInit(RndTypeTpm, NULL, 0, &gRnd));
CE(gTpm->Configure(gTpm));
diff --git a/DcsInfo/DcsInfo.c b/DcsInfo/DcsInfo.c
index 70f235e..f7b4158 100644
--- a/DcsInfo/DcsInfo.c
+++ b/DcsInfo/DcsInfo.c
@@ -21,6 +21,7 @@ The full text of the license may be found at
#include
#include
#include
+#include
#ifdef _M_X64
#define ARCH_NAME "X64"
@@ -326,7 +327,7 @@ DcsInfoMain(
ERR_PRINT(L"InitFS %r\n", res);
return res;
}
- res = FileOpen(NULL, L"EFI\\VeraCrypt\\PlatformInfo", &fInfo, EFI_FILE_MODE_READ | EFI_FILE_MODE_CREATE | EFI_FILE_MODE_WRITE, 0);
+ res = FileOpen(NULL, L"\\EFI\\" DCS_DIRECTORY L"\\PlatformInfo", &fInfo, EFI_FILE_MODE_READ | EFI_FILE_MODE_CREATE | EFI_FILE_MODE_WRITE, 0);
if (EFI_ERROR(res)) {
ERR_PRINT(L"PlatformInfo create %r\n", res);
return res;
diff --git a/DcsInfo/DcsInfo.vcxproj b/DcsInfo/DcsInfo.vcxproj
new file mode 100644
index 0000000..de96f10
--- /dev/null
+++ b/DcsInfo/DcsInfo.vcxproj
@@ -0,0 +1,94 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsInfo.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsInfo.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsInfo/DcsInfo.vcxproj.filters b/DcsInfo/DcsInfo.vcxproj.filters
new file mode 100644
index 0000000..17d4c9a
--- /dev/null
+++ b/DcsInfo/DcsInfo.vcxproj.filters
@@ -0,0 +1,27 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsInfo/DcsInfo.vcxproj.user b/DcsInfo/DcsInfo.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsInfo/DcsInfo.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsInt/DcsInt.c b/DcsInt/DcsInt.c
index b7e392f..2d20434 100644
--- a/DcsInt/DcsInt.c
+++ b/DcsInt/DcsInt.c
@@ -3,6 +3,7 @@ Block R/W interceptor
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials
are licensed and made available under the terms and conditions
@@ -13,6 +14,7 @@ The full text of the license may be found at
**/
#include "DcsInt.h"
+#include
#include
#include
#include
@@ -20,796 +22,73 @@ The full text of the license may be found at
#include
#include
-#include
-#include
-#include
-#include
-#include
-
-#include "common/Tcdefs.h"
-#include "common/Crypto.h"
-#include "common/Volumes.h"
-#include "common/Crc.h"
-#include "crypto/cpu.h"
-#include "BootCommon.h"
#include "DcsConfig.h"
-#include "DcsVeraCrypt.h"
#include
-// #define TRC_HANDLE_PATH(msg,h) \
-// OUT_PRINT(msg); \
-// EfiPrintDevicePath(h); \
-// OUT_PRINT(L"\n")
-#define TRC_HANDLE_PATH(msg,h)
-
-EFI_DEVICE_PATH* gDcsBoot;
-UINTN gDcsBootSize;
-
-DCSINT_BLOCK_IO* DcsIntBlockIoFirst = NULL; //< List of block I/O head
-
-EFI_DRIVER_BINDING_PROTOCOL g_DcsIntDriverBinding = {
- DcsIntBindingSupported,
- DcsIntBindingStart,
- DcsIntBindingStop,
- DCSINT_DRIVER_VERSION,
- NULL,
- NULL
-};
-
-#pragma pack(1)
-typedef struct _BOOT_PARAMS {
- CHAR8 Offset[TC_BOOT_LOADER_ARGS_OFFSET];
- BootArguments BootArgs;
- BOOT_CRYPTO_HEADER BootCryptoInfo;
- uint16 pad1;
- SECREGION_BOOT_PARAMS SecRegion;
-} BOOT_PARAMS, *PBOOT_PARAMS;
-#pragma pack()
-
-UINT32 gHeaderSaltCrc32 = 0;
-PBOOT_PARAMS bootParams = NULL;
-// #define EFI_BOOTARGS_REGIONS_TEST ,0x9000000, 0xA000000
-#define EFI_BOOTARGS_REGIONS_TEST
-UINTN BootArgsRegions[] = { EFI_BOOTARGS_REGIONS_HIGH, EFI_BOOTARGS_REGIONS_LOW EFI_BOOTARGS_REGIONS_TEST };
-
-CHAR8 Header[512];
-UINT32 BootDriveSignature;
-EFI_GUID BootDriveSignatureGpt;
-
-EFI_HANDLE SecRegionHandle = NULL;
-UINT64 SecRegionSector = 0;
-UINT8* SecRegionData = NULL;
-UINTN SecRegionSize = 0;
-UINTN SecRegionOffset = 0;
-PCRYPTO_INFO SecRegionCryptInfo = NULL;
-
-VOID
-CleanSensitiveData()
-{
- if (SecRegionCryptInfo != NULL) {
- MEM_BURN(SecRegionCryptInfo, sizeof(*SecRegionCryptInfo));
- }
-
- if (gRnd != NULL) {
- MEM_BURN(gRnd, sizeof(*gRnd));
- }
-
- if (SecRegionData != NULL) {
- MEM_BURN(SecRegionData, SecRegionSize);
- }
-
- if (gAutoPassword != NULL) {
- MEM_BURN(gAutoPassword, MAX_PASSWORD);
- }
-}
-
-void HaltPrint(const CHAR16* Msg)
-{
- CleanSensitiveData();
- Print(L"%s - system Halted\n", Msg);
- EfiCpuHalt();
-}
-//////////////////////////////////////////////////////////////////////////
-// Boot params memory
-//////////////////////////////////////////////////////////////////////////
-
-EFI_STATUS
-GetBootParamsMemory() {
- EFI_STATUS status = 0;
- UINTN index;
- if (bootParams != NULL) return EFI_SUCCESS;
- for (index = 0; index < sizeof(BootArgsRegions) / sizeof(BootArgsRegions[1]); ++index) {
- status = PrepareMemory(BootArgsRegions[index], sizeof(*bootParams), &bootParams);
- if (!EFI_ERROR(status)) {
- return status;
- }
- }
- return status;
-}
-
-EFI_STATUS
-SetSecRegionParamsMemory() {
- EFI_STATUS status = 0;
- UINTN index;
- UINT8* secRegion = NULL;
- UINT32 crc;
- if (bootParams == NULL) return EFI_NOT_READY;
-
- bootParams->SecRegion.Ptr = 0;
- bootParams->SecRegion.Size = 0;
- if (DeList != NULL) {
- for (index = 0; index < sizeof(BootArgsRegions) / sizeof(BootArgsRegions[1]); ++index) {
- status = PrepareMemory(BootArgsRegions[index], DeList->DataSize, &secRegion);
- if (!EFI_ERROR(status)) {
-// OUT_PRINT(L"bootParams %08x SecRegion %08x\n", (UINTN)bootParams, (UINTN)secRegion);
- CopyMem(secRegion, SecRegionData + SecRegionOffset, DeList->DataSize);
- bootParams->SecRegion.Ptr = (UINT64)secRegion;
- bootParams->SecRegion.Size = DeList->DataSize;
- break;
- }
- }
- }
- status = gBS->CalculateCrc32(&bootParams->SecRegion, sizeof(SECREGION_BOOT_PARAMS) - 4, &crc);
- bootParams->SecRegion.Crc = crc;
- return status;
-}
-
-EFI_STATUS
-PrepareBootParams(
- IN UINT32 bootDriveSignature,
- IN PCRYPTO_INFO cryptoInfo)
-{
- BootArguments *bootArgs;
- EFI_STATUS status;
- if (bootParams == NULL) status = EFI_UNSUPPORTED;
- else {
- bootArgs = &bootParams->BootArgs;
- TC_SET_BOOT_ARGUMENTS_SIGNATURE(bootArgs->Signature);
- bootArgs->BootLoaderVersion = VERSION_NUM;
- bootArgs->CryptoInfoOffset = (uint16)(FIELD_OFFSET(BOOT_PARAMS, BootCryptoInfo));
- bootArgs->CryptoInfoLength = (uint16)(sizeof(BOOT_CRYPTO_HEADER) + 2 + sizeof(SECREGION_BOOT_PARAMS));
- bootArgs->HeaderSaltCrc32 = gHeaderSaltCrc32;
- CopyMem(&bootArgs->BootPassword, &gAuthPassword, sizeof(gAuthPassword));
- bootArgs->HiddenSystemPartitionStart = 0;
- bootArgs->DecoySystemPartitionStart = 0;
- bootArgs->BootDriveSignature = bootDriveSignature;
- bootArgs->Flags = (uint32)(gAuthPim << 16);
- bootArgs->BootArgumentsCrc32 = GetCrc32((byte *)bootArgs, (int)((byte *)&bootArgs->BootArgumentsCrc32 - (byte *)bootArgs));
- bootParams->BootCryptoInfo.ea = (uint16)cryptoInfo->ea;
- bootParams->BootCryptoInfo.mode = (uint16)cryptoInfo->mode;
- bootParams->BootCryptoInfo.pkcs5 = (uint16)cryptoInfo->pkcs5;
- SetSecRegionParamsMemory();
- status = EFI_SUCCESS;
- }
-
- // Clean auth data
- MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
- MEM_BURN(&gAuthPim, sizeof(gAuthPim));
-
- return status;
-}
-
-void GetIntersection(uint64 start1, uint32 length1, uint64 start2, uint64 end2, uint64 *intersectStart, uint32 *intersectLength)
-{
- uint64 end1 = start1 + length1 - 1;
- uint64 intersectEnd = (end1 <= end2) ? end1 : end2;
-
- *intersectStart = (start1 >= start2) ? start1 : start2;
- *intersectLength = (uint32)((*intersectStart > intersectEnd) ? 0 : intersectEnd + 1 - *intersectStart);
-
- if (*intersectLength == 0)
- *intersectStart = start1;
-}
-
-VOID UpdateDataBuffer(
- IN OUT UINT8* buf,
- IN UINT32 bufSize,
- IN UINT64 sector
- ) {
- UINT64 intersectStart;
- UINT32 intersectLength;
- UINTN i;
- if (DeList == NULL) return;
- for (i = 0; i < DeList->Count; ++i) {
- if (DeList->DE[i].Type == DE_Sectors) {
- GetIntersection(
- sector << 9, bufSize,
- DeList->DE[i].Sectors.Start, DeList->DE[i].Sectors.Start + DeList->DE[i].Sectors.Length - 1,
- &intersectStart, &intersectLength
- );
- if (intersectLength != 0) {
-// OUT_PRINT(L"S %d : %lld, %d\n", i, intersectStart, intersectLength);
-// OUT_PRINT(L"S");
- CopyMem(
- buf + (intersectStart - (sector << 9)),
- SecRegionData + SecRegionOffset + DeList->DE[i].Sectors.Offset + (intersectStart - (sector << 9)),
- intersectLength
- );
- }
- }
- }
-
-}
-
-//////////////////////////////////////////////////////////////////////////
-// List of block I/O
-//////////////////////////////////////////////////////////////////////////
-DCSINT_BLOCK_IO*
-GetBlockIoByHandle(
- IN EFI_HANDLE handle)
-{
- DCSINT_BLOCK_IO *DcsIntBlockIo = DcsIntBlockIoFirst;
- while (DcsIntBlockIo != NULL) {
- if (DcsIntBlockIo->Controller == handle) {
- return DcsIntBlockIo;
- }
- DcsIntBlockIo = DcsIntBlockIo->Next;
- }
- return NULL;
-}
-
-DCSINT_BLOCK_IO*
-GetBlockIoByProtocol(
- IN EFI_BLOCK_IO_PROTOCOL* protocol)
-{
- DCSINT_BLOCK_IO *DcsIntBlockIo = DcsIntBlockIoFirst;
- while (DcsIntBlockIo != NULL) {
- if (DcsIntBlockIo->BlockIo == protocol) {
- return DcsIntBlockIo;
- }
- DcsIntBlockIo = DcsIntBlockIo->Next;
- }
- return NULL;
-}
-
-//////////////////////////////////////////////////////////////////////////
-// Read/Write
-//////////////////////////////////////////////////////////////////////////
-EFI_STATUS
-IntBlockIO_Write(
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSize,
- OUT VOID *Buffer
- )
-{
- DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
- EFI_STATUS Status = EFI_SUCCESS;
- EFI_LBA startSector;
- DcsIntBlockIo = GetBlockIoByProtocol(This);
-
- if (DcsIntBlockIo) {
- startSector = Lba;
- startSector += gAuthBoot ? 0 : DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value >> 9;
- //Print(L"This[0x%x] mid %x Write: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
- if ((startSector >= DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value >> 9) &&
- (startSector < ((DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value + DcsIntBlockIo->CryptInfo->EncryptedAreaLength.Value) >> 9))) {
- VOID* writeCrypted;
- writeCrypted = MEM_ALLOC(BufferSize);
- if (writeCrypted == NULL) {
- Status = EFI_BAD_BUFFER_SIZE;
- return Status;
- }
- CopyMem(writeCrypted, Buffer, BufferSize);
- // Print(L"*");
- UpdateDataBuffer(writeCrypted, (UINT32)BufferSize, startSector);
- EncryptDataUnits(writeCrypted, (UINT64_STRUCT*)&startSector, (UINT32)(BufferSize >> 9), DcsIntBlockIo->CryptInfo);
- Status = DcsIntBlockIo->LowWrite(This, MediaId, startSector, BufferSize, writeCrypted);
- MEM_FREE(writeCrypted);
- }
- else {
- Status = DcsIntBlockIo->LowWrite(This, MediaId, startSector, BufferSize, Buffer);
- }
- }
- else {
- Status = EFI_BAD_BUFFER_SIZE;
- }
- return Status;
-}
-
-EFI_STATUS
-IntBlockIO_Read(
- IN EFI_BLOCK_IO_PROTOCOL *This,
- IN UINT32 MediaId,
- IN EFI_LBA Lba,
- IN UINTN BufferSize,
- OUT VOID *Buffer
- )
-{
- DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
- EFI_STATUS Status = EFI_SUCCESS;
- EFI_LBA startSector;
-
- DcsIntBlockIo = GetBlockIoByProtocol(This);
- if (DcsIntBlockIo) {
- startSector = Lba;
- startSector += gAuthBoot ? 0 : DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value >> 9;
- Status = DcsIntBlockIo->LowRead(This, MediaId, startSector, BufferSize, Buffer);
- //Print(L"This[0x%x] mid %x ReadBlock: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
- if ((startSector >= DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value >> 9) &&
- (startSector < ((DcsIntBlockIo->CryptInfo->EncryptedAreaStart.Value + DcsIntBlockIo->CryptInfo->EncryptedAreaLength.Value) >> 9))) {
- // Print(L".");
- DecryptDataUnits(Buffer, (UINT64_STRUCT*)&startSector, (UINT32)(BufferSize >> 9), DcsIntBlockIo->CryptInfo);
- }
- UpdateDataBuffer(Buffer, (UINT32)BufferSize, startSector);
- }
- else {
- Status = EFI_BAD_BUFFER_SIZE;
- }
- return Status;
-}
-
-//////////////////////////////////////////////////////////////////////////
-// Block IO hook
-//////////////////////////////////////////////////////////////////////////
-EFI_STATUS
-IntBlockIo_Hook(
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE DeviceHandle
- )
-{
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
- DCSINT_BLOCK_IO *DcsIntBlockIo = 0;
- EFI_STATUS Status;
-// EFI_TPL Tpl;
-
- // Already hook?
- DcsIntBlockIo = GetBlockIoByHandle(DeviceHandle);
- if (DcsIntBlockIo != NULL) {
- return EFI_SUCCESS;
- }
-
- Status = gBS->OpenProtocol(
- DeviceHandle,
- &gEfiBlockIoProtocolGuid,
- (VOID**)&BlockIo,
- This->DriverBindingHandle,
- DeviceHandle,
- EFI_OPEN_PROTOCOL_GET_PROTOCOL
- );
-
- if (!EFI_ERROR(Status)) {
- // Check is this protocol already hooked
- DcsIntBlockIo = (DCSINT_BLOCK_IO *)MEM_ALLOC(sizeof(DCSINT_BLOCK_IO));
- if (DcsIntBlockIo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- // construct new DcsIntBlockIo
- DcsIntBlockIo->Sign = DCSINT_BLOCK_IO_SIGN;
- DcsIntBlockIo->Controller = DeviceHandle;
- DcsIntBlockIo->BlockIo = BlockIo;
- DcsIntBlockIo->IsReinstalled = 0;
-// Block
-// Tpl = gBS->RaiseTPL(TPL_NOTIFY);
- // Install new routines
- DcsIntBlockIo->CryptInfo = SecRegionCryptInfo;
- DcsIntBlockIo->LowRead = BlockIo->ReadBlocks;
- DcsIntBlockIo->LowWrite = BlockIo->WriteBlocks;
- BlockIo->ReadBlocks = IntBlockIO_Read;
- BlockIo->WriteBlocks = IntBlockIO_Write;
-
- // close protocol before reinstall
- gBS->CloseProtocol(
- DeviceHandle,
- &gEfiBlockIoProtocolGuid,
- This->DriverBindingHandle,
- DeviceHandle
- );
-
- // add to global list
- if (DcsIntBlockIoFirst == NULL) {
- DcsIntBlockIoFirst = DcsIntBlockIo;
- DcsIntBlockIoFirst->Next = NULL;
- }
- else {
- DcsIntBlockIo->Next = DcsIntBlockIoFirst;
- DcsIntBlockIoFirst = DcsIntBlockIo;
- }
-
- // reinstall BlockIo protocol
- Status = gBS->ReinstallProtocolInterface(
- DeviceHandle,
- &gEfiBlockIoProtocolGuid,
- BlockIo,
- BlockIo
- );
-
-// gBS->RestoreTPL(Tpl);
- DcsIntBlockIo->IsReinstalled = 1;
-
- Status = EFI_SUCCESS;
- }
- return Status;
-}
-
-//////////////////////////////////////////////////////////////////////////
-// DriverBinding routines
-//////////////////////////////////////////////////////////////////////////
-EFI_STATUS
-DcsIntBindingStart(
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
- )
-{
- EFI_STATUS Status;
-
- TRC_HANDLE_PATH(L"t: ", Controller);
-
- // hook blockIo
- Status = IntBlockIo_Hook(This, Controller);
- if (EFI_ERROR(Status)) {
- HaltPrint(L"Failed");
- }
- return Status;
-}
-
-EFI_STATUS
-DcsIntBindingSupported(
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
- )
-{
- EFI_DEVICE_PATH *DevicePath;
- DevicePath = DevicePathFromHandle(Controller);
- if ((DevicePath != NULL) && CompareMem(DevicePath, gDcsBoot, gDcsBootSize) == 0) {
- DCSINT_BLOCK_IO* DcsIntBlockIo = NULL;
- // Is installed?
- DcsIntBlockIo = GetBlockIoByHandle(Controller);
- if (DcsIntBlockIo != NULL) {
- return EFI_UNSUPPORTED;
- }
- return EFI_SUCCESS;
- }
- return EFI_UNSUPPORTED;
-}
-
-EFI_STATUS
-DcsIntBindingStop(
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN UINTN NumberOfChildren,
- IN EFI_HANDLE *ChildHandleBuffer
- )
-{
- TRC_HANDLE_PATH(L"p: ", Controller);
- return EFI_SUCCESS;
-}
//////////////////////////////////////////////////////////////////////////
-// Security regions
+// Auxyliary hardware
//////////////////////////////////////////////////////////////////////////
EFI_STATUS
-SecRegionLoadDefault(EFI_HANDLE partHandle)
+InitAuxDrivers()
{
- EFI_STATUS res = EFI_SUCCESS;
- HARDDRIVE_DEVICE_PATH dpVolme;
- EFI_BLOCK_IO_PROTOCOL *bio = NULL;
- EFI_PARTITION_TABLE_HEADER* gptHdr;
- res = EfiGetPartDetails(partHandle, &dpVolme, &SecRegionHandle);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Part details: %r\n,", res);
- return res;
- }
-
- // get BlockIo protocol
- bio = EfiGetBlockIO(SecRegionHandle);
- if (bio == NULL) {
- ERR_PRINT(L"Block I/O not supported\n");
- return EFI_NOT_FOUND;
- }
-
- if (bio->Media != NULL) {
- if (bio->Media->BlockSize != 512) {
- ERR_PRINT(L"Block size is %d. (not supported)\n", bio->Media->BlockSize);
- return EFI_INVALID_PARAMETER;
- }
- }
-
- SecRegionData = MEM_ALLOC(512);
- if (SecRegionData == NULL) {
- ERR_PRINT(L"No memory\n");
- return EFI_BUFFER_TOO_SMALL;
- }
- SecRegionSize = 512;
-
- res = bio->ReadBlocks(bio, bio->Media->MediaId, 0, 512, SecRegionData);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Read: %r\n", res);
- goto error;
- }
-
- BootDriveSignature = *(uint32 *)(SecRegionData + 0x1b8);
-
- res = bio->ReadBlocks(bio, bio->Media->MediaId, 1, 512, SecRegionData);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Read: %r\n", res);
- goto error;
- }
-
- gptHdr = (EFI_PARTITION_TABLE_HEADER*)SecRegionData;
- CopyMem(&BootDriveSignatureGpt, &gptHdr->DiskGUID, sizeof(BootDriveSignatureGpt));
-
- res = bio->ReadBlocks(bio, bio->Media->MediaId, TC_BOOT_VOLUME_HEADER_SECTOR, 512, SecRegionData);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Read: %r\n", res);
- goto error;
- }
-
- return EFI_SUCCESS;
-error:
- MEM_FREE(SecRegionData);
- SecRegionData = NULL;
- SecRegionSize = 0;
- return res;
-}
-
-EFI_STATUS
-SecRegionChangePwd() {
- EFI_STATUS Status;
- EFI_BLOCK_IO_PROTOCOL* bio = NULL;
- PCRYPTO_INFO cryptoInfo, ci;
- Password newPassword;
- Password confirmPassword;
- INT32 vcres;
-
- Status = RndPreapare();
- if (EFI_ERROR(Status)) {
- ERR_PRINT(L"Rnd: %r\n", Status);
- return Status;
- }
-
- do {
- ZeroMem(&newPassword, sizeof(newPassword));
- ZeroMem(&confirmPassword, sizeof(newPassword));
- VCAskPwd(AskPwdNew, &newPassword);
- if (gAuthPwdCode == AskPwdRetCancel) {
- return EFI_DCS_USER_CANCELED;
- }
- if (gAuthPwdCode == AskPwdRetTimeout) {
- return EFI_TIMEOUT;
- }
- VCAskPwd(AskPwdConfirm, &confirmPassword);
- if (gAuthPwdCode == AskPwdRetCancel) {
- MEM_BURN(&newPassword, sizeof(newPassword));
- return EFI_DCS_USER_CANCELED;
- }
- if (gAuthPwdCode == AskPwdRetTimeout) {
- MEM_BURN(&newPassword, sizeof(newPassword));
- return EFI_TIMEOUT;
- }
- if (newPassword.Length == confirmPassword.Length) {
- if (CompareMem(newPassword.Text, confirmPassword.Text, confirmPassword.Length) == 0) {
- break;
- }
- }
- ERR_PRINT(L"Password mismatch");
- } while (TRUE);
-
- OUT_PRINT(L"Generate...\n\r");
- cryptoInfo = SecRegionCryptInfo;
- vcres = CreateVolumeHeaderInMemory(
- gAuthBoot, Header,
- cryptoInfo->ea,
- cryptoInfo->mode,
- &newPassword,
- cryptoInfo->pkcs5,
- gAuthPim,
- cryptoInfo->master_keydata,
- &ci,
- cryptoInfo->VolumeSize.Value,
- 0, //(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,
- cryptoInfo->EncryptedAreaStart.Value,
- cryptoInfo->EncryptedAreaLength.Value,
- gAuthTc ? 0 : cryptoInfo->RequiredProgramVersion,
- cryptoInfo->HeaderFlags,
- cryptoInfo->SectorSize,
- FALSE);
-
- if (vcres != 0) {
- ERR_PRINT(L"header create error(%x)\n", vcres);
- Status = EFI_INVALID_PARAMETER;
- goto ret;
- }
-
- // get BlockIo protocol
- bio = EfiGetBlockIO(SecRegionHandle);
- if (bio == NULL) {
- ERR_PRINT(L"Block io not supported\n,");
- Status = EFI_NOT_FOUND;
- goto ret;
- }
-
- Status = bio->WriteBlocks(bio, bio->Media->MediaId, SecRegionSector, 512, Header);
- if (EFI_ERROR(Status)) {
- ERR_PRINT(L"Write: %r\n", Status);
- goto ret;
- }
- CopyMem(&gAuthPassword, &newPassword, sizeof(gAuthPassword));
- CopyMem(SecRegionData + SecRegionOffset, Header, 512);
-
- ERR_PRINT(L"Update (%r)\n", Status);
- if (!EFI_ERROR(Status)) {
- EFI_INPUT_KEY key;
- key = KeyWait(L"Boot OS in %2d ('r' to reset) \r", 5, 0, 0);
- if (key.UnicodeChar == 'r') {
- MEM_BURN(&newPassword, sizeof(newPassword));
- MEM_BURN(&confirmPassword, sizeof(confirmPassword));
- CleanSensitiveData();
- gST->RuntimeServices->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
- }
- }
-
-ret:
- MEM_BURN(&newPassword, sizeof(newPassword));
- MEM_BURN(&confirmPassword, sizeof(confirmPassword));
- return Status;
-}
-
-EFI_STATUS
-SelectDcsBootBySignature()
-{
- EFI_STATUS res = EFI_NOT_FOUND;
- EFI_BLOCK_IO_PROTOCOL* bio = NULL;
- EFI_PARTITION_TABLE_HEADER* gptHdr;
- UINTN i;
- for (i = 0; i < gBIOCount; ++i) {
- if(EfiIsPartition(gBIOHandles[i])) continue;
- bio = EfiGetBlockIO(gBIOHandles[i]);
- if(bio == NULL) continue;
- res = bio->ReadBlocks(bio, bio->Media->MediaId, 0, 512, Header);
- if(EFI_ERROR(res)) continue;
- if((*(UINT32*)(Header+0x1b8)) != BootDriveSignature) continue;
- res = bio->ReadBlocks(bio, bio->Media->MediaId, 1, 512, Header);
- if (EFI_ERROR(res)) continue;
- gptHdr = (EFI_PARTITION_TABLE_HEADER*)Header;
- if (CompareMem(&BootDriveSignatureGpt, &gptHdr->DiskGUID, sizeof(BootDriveSignatureGpt)) != 0) continue;
- gDcsBoot = DevicePathFromHandle(gBIOHandles[i]);
- gDcsBootSize = GetDevicePathSize(gDcsBoot);
- return EFI_SUCCESS;
- }
- return EFI_NOT_FOUND;
-}
-
-EFI_STATUS
-SecRegionTryDecrypt()
-{
- int vcres = 1;
- EFI_STATUS res = EFI_SUCCESS;
- int retry = gAuthRetry;
- PlatformGetID(SecRegionHandle, &gPlatformKeyFile, &gPlatformKeyFileSize);
-
- do {
- SecRegionOffset = 0;
- VCAuthAsk();
- if (gAuthPwdCode == AskPwdRetCancel) {
- return EFI_DCS_USER_CANCELED;
- }
- if (gAuthPwdCode == AskPwdRetTimeout) {
- return EFI_TIMEOUT;
- }
- OUT_PRINT(L"%a", gAuthStartMsg);
- do {
- // EFI tables?
- if (TablesVerify(SecRegionSize - SecRegionOffset, SecRegionData + SecRegionOffset)) {
- EFI_TABLE_HEADER *mhdr = (EFI_TABLE_HEADER *)(SecRegionData + SecRegionOffset);
- UINTN tblZones = (mhdr->HeaderSize + 1024 * 128 - 1) / (1024 * 128);
- SecRegionOffset += tblZones * 1024 * 128;
- vcres = 1;
- continue;
- }
- // Try authorize zone
- CopyMem(Header, SecRegionData + SecRegionOffset, 512);
- vcres = ReadVolumeHeader(gAuthBoot, Header, &gAuthPassword, gAuthHash, gAuthPim, gAuthTc, &SecRegionCryptInfo, NULL);
- SecRegionOffset += (vcres != 0) ? 1024 * 128 : 0;
- } while (SecRegionOffset < SecRegionSize && vcres != 0);
- if (vcres == 0) {
- OUT_PRINT(L"Success\n");
- OUT_PRINT(L"Start %d %lld len %lld\n", SecRegionOffset / (1024*128), SecRegionCryptInfo->EncryptedAreaStart.Value, SecRegionCryptInfo->EncryptedAreaLength.Value);
- break;
- } else {
- ERR_PRINT(L"%a", gAuthErrorMsg);
- // clear previous failed authentication information
- MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
- if (gAuthPimRqt)
- MEM_BURN(&gAuthPim, sizeof(gAuthPim));
- }
- retry--;
- } while (vcres != 0 && retry > 0);
- if (vcres != 0) {
- return EFI_CRC_ERROR;
- }
-
- SecRegionSector = 62 + SecRegionOffset / 512;
- DeList = NULL;
- if (SecRegionSize > 512) {
- UINT64 startUnit = 0;
- DecryptDataUnits(SecRegionData + SecRegionOffset + 512, (UINT64_STRUCT*)&startUnit,(UINT32)255, SecRegionCryptInfo);
- if (CompareMem(SecRegionData + SecRegionOffset + 512, &gDcsDiskEntryListHeaderID, sizeof(gDcsDiskEntryListHeaderID)) != 0) {
- ERR_PRINT(L"Wrong DCS list header");
- return EFI_CRC_ERROR;
- }
- DeList = (DCS_DISK_ENTRY_LIST *)(SecRegionData + SecRegionOffset + 512);
- CopyMem(&BootDriveSignature, &DeList->DE[DE_IDX_DISKID].DiskId.MbrID, sizeof(BootDriveSignature));
- CopyMem(&BootDriveSignatureGpt, &DeList->DE[DE_IDX_DISKID].DiskId.GptID, sizeof(BootDriveSignatureGpt));
-
- if (DeList->DE[DE_IDX_EXEC].Type == DE_ExecParams) {
- DCS_DEP_EXEC *execParams = NULL;
- execParams = (DCS_DEP_EXEC *)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_EXEC].Offset);
- EfiSetVar(L"DcsExecPartGuid", NULL, &execParams->ExecPartGuid, sizeof(EFI_GUID), EFI_VARIABLE_BOOTSERVICE_ACCESS);
- EfiSetVar(L"DcsExecCmd", NULL, &execParams->ExecCmd, (StrLen((CHAR16*)&execParams->ExecCmd) + 1) * 2, EFI_VARIABLE_BOOTSERVICE_ACCESS);
- }
-
- if (DeList->DE[DE_IDX_PWDCACHE].Type == DE_PwdCache) {
- DCS_DEP_PWD_CACHE *pwdCache = NULL;
- UINT64 sector = 0;
- pwdCache = (DCS_DEP_PWD_CACHE *)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_PWDCACHE].Offset);
- EncryptDataUnits((UINT8*)pwdCache, (UINT64_STRUCT*)§or, 1, SecRegionCryptInfo);
- }
-
- if (DeList->DE[DE_IDX_RND].Type == DE_Rnd) {
- UINT8 temp[4];
- UINT64 sector = 0;
- DCS_RND_SAVED* rndNewSaved;
- DCS_RND_SAVED* rndSaved = (DCS_RND_SAVED*)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_RND].Offset);
- if (DeList->DE[DE_IDX_RND].Length == sizeof(DCS_RND_SAVED)) {
- if (!EFI_ERROR(res = RndLoad(rndSaved, &gRnd)) &&
- !EFI_ERROR(res = RndGetBytes(temp, sizeof(temp))) &&
- !EFI_ERROR(res = RndSave(gRnd, &rndNewSaved))
- ) {
- EFI_BLOCK_IO_PROTOCOL *bio = NULL;
- sector = (DeList->DE[DE_IDX_RND].Offset >> 9) - 1;
- OUT_PRINT(L"Last login %H%t%N\n", &rndSaved->SavedAt);
-
- EncryptDataUnits((UINT8*)rndNewSaved, (UINT64_STRUCT*)§or, 1, SecRegionCryptInfo);
- sector = SecRegionSector + (DeList->DE[DE_IDX_RND].Offset >> 9);
-
- // get BlockIo protocol
- bio = EfiGetBlockIO(SecRegionHandle);
- if (bio == NULL) {
- ERR_PRINT(L"Block io not supported\n,");
- }
-
- res = bio->WriteBlocks(bio, bio->Media->MediaId, sector, 512, rndNewSaved);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Write: %r\n", res);
- }
- }
+ int tmp;
+
+ // touch
+ tmp = ConfigReadInt("TouchDevice", -1);
+ if (tmp == -1) InitTouch();
+ if (tmp >= 0) {
+ if (gTouchCount == 0) InitTouch();
+ if (tmp < (int)gTouchCount) {
+ TouchGetIO(gTouchHandles[tmp], &gTouchPointer);
+ }
+ }
+ gTouchSimulate = ConfigReadInt("TouchSimulate", 0);
+
+ // Graph
+ tmp = ConfigReadInt("GraphDevice", -1);
+ if (tmp == -1) InitGraph();
+ if (tmp >= 0) {
+ if (gGraphCount == 0) InitGraph();
+ if (tmp < (int)gGraphCount) {
+ GraphGetIO(gGraphHandles[tmp], &gGraphOut);
+ }
+ }
+ if (gGraphOut != NULL) {
+ tmp = ConfigReadInt("GraphMode", -1);
+ if (tmp >= 0 && tmp <= (int)gGraphOut->Mode->MaxMode) {
+ gGraphOut->SetMode(gGraphOut, tmp);
+ }
+ }
+
+ // Beep
+ gBeepEnabled = ConfigReadInt("Beep", 0);
+ if (gBeepEnabled) {
+ gBeepNumberDefault = ConfigReadInt("BeepNumber", 1);
+ gBeepDurationDefault = ConfigReadInt("BeepDuration", 100);
+ gBeepIntervalDefault = ConfigReadInt("BeepInterval", 0);
+ gBeepToneDefault = ConfigReadInt("BeepTone", 0x500);
+ gBeepControlEnabled = ConfigReadInt("BeepControl", 1) != 0;
+
+ tmp = ConfigReadInt("BeepDevice", -1);
+ if (tmp == -1) InitSpeaker();
+ if (tmp >= 0) {
+ if (gSpeakerCount == 0) InitSpeaker();
+ if (tmp < (int)gSpeakerCount) {
+ SpeakerSelect(tmp);
}
}
}
- // Select boot device
- res = SelectDcsBootBySignature();
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Decrypt device not found\n");
- return res;
- }
-
- // Change password if requested
- if (gAuthPwdCode == AskPwdRetChange && gRnd != NULL) {
- res = RndPreapare();
- if (!EFI_ERROR(res)) {
- res = SecRegionChangePwd();
- if (EFI_ERROR(res)) {
- return res;
- }
- } else {
- ERR_PRINT(L"Random: %r\n", res);
- }
- }
- gHeaderSaltCrc32 = GetCrc32(SecRegionData + SecRegionOffset, PKCS5_SALT_SIZE);
return EFI_SUCCESS;
}
+
//////////////////////////////////////////////////////////////////////////
// Exit action
//////////////////////////////////////////////////////////////////////////
enum OnExitTypes{
- OnExitAuthFaild = 1,
+ OnExitAuthFailed = 1,
OnExitAuthNotFound,
OnExitAuthTimeout,
OnExitAuthCancelled,
@@ -825,10 +104,11 @@ AsciiCharNCmp(
return (ch1 | 0x20) == (ch2 | 0x20);
}
-CHAR8*
-AsciiStrNStr(
- IN CHAR8* str,
- IN CHAR8* pattern)
+VOID*
+VarStrNStr(
+ IN VOID* str,
+ IN VOID* pattern,
+ IN UINTN size)
{
CHAR8* pos1 = str;
CHAR8* pos2;
@@ -837,16 +117,32 @@ AsciiStrNStr(
posp = pattern;
pos2 = pos1;
while (*posp != 0 && *pos2 != 0 && AsciiCharNCmp(*pos2,*posp)) {
- ++posp;
- ++pos2;
+ posp += size;
+ pos2 += size;
}
if (*pos2 == 0 && *posp) return NULL;
if (*posp == 0) return pos1;
- ++pos1;
+ pos1 += size;
}
return NULL;
}
+VOID*
+AsciiStrNStr(
+ IN CHAR8* str,
+ IN CHAR8* pattern)
+{
+ return VarStrNStr(str, pattern, sizeof(CHAR8));
+}
+
+VOID*
+UnicodeStrNStr(
+ IN CHAR16* str,
+ IN CHAR16* pattern)
+{
+ return VarStrNStr(str, pattern, sizeof(CHAR16));
+}
+
BOOLEAN
OnExitGetParam(
IN CHAR8 *action,
@@ -876,7 +172,6 @@ OnExitGetParam(
EFI_STATUS
OnExit(
- IN CHAR8 *action,
IN UINTN type,
IN EFI_STATUS retValue)
{
@@ -885,14 +180,22 @@ OnExit(
CHAR8* messageStr = NULL;
CHAR8* delayStr = NULL;
EFI_GUID *guid = NULL;
- CHAR16 *fileStr = NULL;
-
- if (EFI_ERROR(retValue))
- {
- CleanSensitiveData();
+ CHAR16 *fileStr = NULL;
+ CHAR8 action[256] = { 0 };
+
+ if (EFI_ERROR(retValue)) {
+ CleanSensitiveData(FALSE);
}
- if (action == NULL) return retValue;
+ switch (type) {
+ case OnExitAuthFailed: ConfigReadString("ActionFailed", "Exit", action, sizeof(action)); break;
+ case OnExitAuthNotFound: ConfigReadString("ActionNotFound", "Exit", action, sizeof(action)); break;
+ case OnExitAuthTimeout: ConfigReadString("ActionTimeout", "Shutdown", action, sizeof(action)); break;
+ case OnExitAuthCancelled: ConfigReadString("ActionSuccess", "Continue", action, sizeof(action)); break;
+ case OnExitSuccess: ConfigReadString("ActionCancelled", "Exit", action, sizeof(action)); break;
+ }
+
+ if (action[0] == 0) return retValue;
if (OnExitGetParam(action, "guid", &guidStr, NULL)) {
EFI_GUID tmp;
@@ -943,6 +246,10 @@ OnExit(
retValue = EFI_DCS_REBOOT_REQUESTED;
}
+ else if (AsciiStrNStr(action, "cancel") == action) {
+ retValue = EFI_DCS_USER_CANCELED;
+ }
+
else if (AsciiStrNStr(action, "exec") == action) {
if (guid != NULL) {
EFI_STATUS res;
@@ -950,7 +257,7 @@ OnExit(
res = EfiFindPartByGUID(guid, &h);
if (EFI_ERROR(res)) {
ERR_PRINT(L"\nCan't find start partition\n");
- CleanSensitiveData();
+ CleanSensitiveData(FALSE);
retValue = EFI_DCS_HALT_REQUESTED;
goto exit;
}
@@ -959,14 +266,14 @@ OnExit(
res = EfiExec(h, fileStr);
if (EFI_ERROR(res)) {
ERR_PRINT(L"\nStart %s - %r\n", fileStr, res);
- CleanSensitiveData();
+ CleanSensitiveData(FALSE);
retValue = EFI_DCS_HALT_REQUESTED;
goto exit;
}
}
else {
ERR_PRINT(L"\nNo EFI execution path specified. Halting!\n");
- CleanSensitiveData();
+ CleanSensitiveData(FALSE);
retValue = EFI_DCS_HALT_REQUESTED;
goto exit;
}
@@ -990,6 +297,10 @@ OnExit(
goto exit;
}
+ else if (AsciiStrStr(action, "continue") == action) {
+ retValue = EFI_SUCCESS;
+ goto exit;
+ }
else if (AsciiStrStr(action, "exit") == action) {
goto exit;
}
@@ -1016,67 +327,7 @@ VirtualNotifyEvent(
)
{
// Clean all sensible info and keys before transfer to OS
- CleanSensitiveData();
-}
-
-//////////////////////////////////////////////////////////////////////////
-// Open tables
-//////////////////////////////////////////////////////////////////////////
-UINT8* gOpenTables = NULL;
-
-BOOLEAN
-SecRegionTablesFind(UINT8* secRegion, UINTN secRegionSize, VOID** tables) {
- UINTN pos = 0;
- while (pos < SecRegionSize) {
- if (TablesVerify(secRegionSize - pos, secRegion + pos)) {
- *tables = secRegion + pos;
- return TRUE;
- }
- pos += 128 * 1024;
- }
- return FALSE;
-}
-
-#define DCSPROP_HEADER_SIGN SIGNATURE_64('D','C','S','P','R','O','P','_')
-#define PICTPWD_HEADER_SIGN SIGNATURE_64('P','I','C','T','P','W','D','_')
-
-VOID
-VCAuthLoadConfigUpdated(UINT8* secRegion, UINTN secRegionSize) {
- if (SecRegionTablesFind(secRegion, secRegionSize, &gOpenTables)) {
- if (TablesGetData(gOpenTables, DCSPROP_HEADER_SIGN, &gConfigBufferUpdated, &gConfigBufferUpdatedSize)) {
- // Reload config parameters
- MEM_FREE(gAuthPasswordMsg);
- gAuthPasswordMsg = NULL;
- VCAuthLoadConfig();
- }
- TablesGetData(gOpenTables, PICTPWD_HEADER_SIGN, &gPictPwdBmp, &gPictPwdBmpSize);
- }
-}
-
-VOID
-Pause(
- IN UINTN seconds
- )
-{
- if (seconds) {
- EFI_INPUT_KEY key;
- key = KeyWait(L"%2d \r", seconds, 0, 0);
- if (key.UnicodeChar != 0) {
- GetKey();
- }
- }
-}
-
-VOID
-PauseHandleInfo(
- IN EFI_HANDLE hndle,
- IN UINTN seconds)
-{
- if (seconds) {
- EfiPrintDevicePath(hndle);
- Pause(seconds);
- OUT_PRINT(L"\n");
- }
+ CleanSensitiveData(FALSE);
}
//////////////////////////////////////////////////////////////////////////
@@ -1087,143 +338,103 @@ UefiMain(
EFI_HANDLE ImageHandle,
EFI_SYSTEM_TABLE *SystemTable)
{
- EFI_STATUS res;
+ EFI_STATUS res = EFI_SUCCESS;
+
+#ifdef DEBUG_BUILD
+ OUT_PRINT(L"DcsInt - DEBUG Build %s %s\n", _T(__DATE__), _T(__TIME__));
+#endif
InitBio();
InitFS();
+ InitConfig(CONFIG_FILE_PATH);
+ InitParams();
+ InitAuxDrivers();
+#ifndef NO_BML
// Remove BootNext to restore boot order
BootMenuItemRemove(L"BootNext");
+#endif
- // Load auth parameters
- VCAuthLoadConfig();
- if (gAuthSecRegionSearch) {
- res = PlatformGetAuthData(&SecRegionData, &SecRegionSize, &SecRegionHandle);
- if (!EFI_ERROR(res)) {
- VCAuthLoadConfigUpdated(SecRegionData, SecRegionSize);
- PauseHandleInfo(SecRegionHandle, gSecRegionInfoDelay);
- }
- } else if (gRUD != 0) {
- // RUD defined
- UINTN i;
- BOOLEAN devFound = FALSE;
- InitUsb();
- for (i = 0; i < gUSBCount; ++i) {
- CHAR8* id = NULL;
- res = UsbGetId(gUSBHandles[i], &id);
- if (!EFI_ERROR(res) && id != NULL) {
- INT32 rud;
- rud = GetCrc32((unsigned char*)id, (int)AsciiStrLen(id));
- MEM_FREE(id);
- if (rud == gRUD) {
- devFound = TRUE;
- PauseHandleInfo(SecRegionHandle, gSecRegionInfoDelay);
- break;
- }
- }
- }
- if (!devFound) return OnExit(gOnExitNotFound, OnExitAuthNotFound, EFI_NOT_FOUND);
- }
+ //if (gExternMode) {
+ // ERR_PRINT(L"Extern Mode\n");
+ //}
- // Force authorization
- if (SecRegionData == NULL && gDcsBootForce != 0) {
- res = EFI_NOT_FOUND;
- if (gPartitionGuidOS != NULL) {
- // Try to find by OS partition GUID
- UINTN i;
- for (i = 0; i < gBIOCount; ++i) {
- EFI_GUID guid;
- res = EfiGetPartGUID(gBIOHandles[i], &guid);
- if (EFI_ERROR(res)) continue;
- if (memcmp(gPartitionGuidOS, &guid, sizeof(guid)) == 0) {
- res = SecRegionLoadDefault(gBIOHandles[i]);
- break;
- }
- }
- } else {
- res = SecRegionLoadDefault(gFileRootHandle);
- }
- if (EFI_ERROR(res)) {
- return OnExit(gOnExitNotFound, OnExitAuthNotFound, res);
- }
- // force password type and message to simulate "press ESC to continue"
- MEM_FREE(gAuthPasswordMsg);
- gAuthPasswordType = gForcePasswordType;
- gAuthPasswordMsg = gForcePasswordMsg;
- gPasswordProgress = gForcePasswordProgress;
- }
+#ifdef DCS_SINGLE_MODULE
- // ask any way? (by DcsBoot flag)
- if (SecRegionData == NULL) {
- if (gDcsBootForce != 0) {
- res = SecRegionLoadDefault(gFileRootHandle);
- if (EFI_ERROR(res)) {
- return OnExit(gOnExitNotFound, OnExitAuthNotFound, res);
- }
- } else {
- return OnExit(gOnExitNotFound, OnExitAuthNotFound, EFI_NOT_FOUND);
- }
- }
+ #if DCS_SINGLE_MODULE == 0xDC
+ res = DcsDiskCryptor(ImageHandle, SystemTable);
+ #elif DCS_SINGLE_MODULE == 0x4C
+ res = DcsVeraCrypt(ImageHandle, SystemTable);
+ #else
+ #error "Unknown DCS Module";
+ #endif
- res = GetBootParamsMemory();
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"No boot args memory: %r\n\r", res);
- KeyWait(L"%02d\r", 10, 0, 0);
- return res;
- }
+#else
+ PMENU_ITEM gMenu = NULL;
+ PMENU_ITEM item = gMenu;
+ CHAR16* presetImpl = NULL;
- RndInit(gRndDefault, NULL, 0, &gRnd);
+#pragma warning(disable:4054)
+ gMenu =
+ item = DcsMenuAppend(item, L"DiskCryptor", 'd', NULL, (VOID*)DcsDiskCryptor);
+ item = DcsMenuAppend(item, L"VeraCrypt", 'v', NULL, (VOID*)DcsVeraCrypt);
+#pragma warning(default:4054)
+ item = NULL;
- res = GetTpm(); // Try to get TPM
- if (!EFI_ERROR(res)) {
- if (gConfigBuffer != NULL) {
- gTpm->Measure(gTpm, DCS_TPM_PCR_LOCK, gConfigBufferSize, gConfigBuffer); // Measure configuration
- }
- if (gTpm->IsConfigured(gTpm) && !gTpm->IsOpen(gTpm) && gTPMLockedInfoDelay) {
- ERR_PRINT(L"TPM is configured but locked. Probably boot chain is modified!\n");
- Pause(gTPMLockedInfoDelay);
+ presetImpl = ConfigReadStringW("DcsModule", L"", NULL, 100);
+ if (presetImpl[0] != L'\0') {
+ item = gMenu;
+ while (item != NULL) {
+ if (UnicodeStrNStr(presetImpl, item->Text) == presetImpl) break;
+ item = item->Next;
}
}
- DetectX86Features();
- res = SecRegionTryDecrypt();
- if (gTpm != NULL) {
- gTpm->Lock(gTpm);
- }
- // Reset Console buffer
- gST->ConIn->Reset(gST->ConIn, FALSE);
+ if (item == NULL) {
+ OUT_PRINT(L"Select Support Module:\n");
+ DcsMenuPrint(gMenu);
- if (EFI_ERROR(res)) {
- // clear buffers with potential authentication data
- MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
- MEM_BURN(&gAuthPim, sizeof(gAuthPim));
+ do {
+ EFI_INPUT_KEY key = GetKey();
- if (res == EFI_TIMEOUT)
- return OnExit(gOnExitTimeout, OnExitAuthTimeout, res);
- else if (res == EFI_DCS_USER_CANCELED)
- return OnExit(gOnExitCancelled, OnExitAuthCancelled, res);
- else
- return OnExit(gOnExitFailed, OnExitAuthFaild, res);
- }
+ if (key.ScanCode == SCAN_ESC) {
+ return EFI_DCS_USER_CANCELED;
+ }
- res = PrepareBootParams(BootDriveSignature, SecRegionCryptInfo);
- if (EFI_ERROR(res)) {
- ERR_PRINT(L"Can not set params for OS: %r", res);
- return OnExit(gOnExitFailed, OnExitAuthFaild, res);
+ item = gMenu;
+ while (item != NULL) {
+ if (item->Select == key.UnicodeChar) break;
+ item = item->Next;
+ }
+ } while (item == NULL);
+
+ OUT_PRINT(L"\n");
+ }
+ else {
+ if (gConfigDebug) {
+ OUT_PRINT(L"Support Module: %H%s%N\n", item->Text);
+ }
}
- // Install decrypt
- res = EfiLibInstallDriverBindingComponentName2(
- ImageHandle,
- SystemTable,
- &g_DcsIntDriverBinding,
- ImageHandle,
- &gDcsIntComponentName,
- &gDcsIntComponentName2);
+#pragma warning(disable:4055)
+ res = ((DCS_IMPL)item->Context)(ImageHandle, SystemTable);
+#pragma warning(default:4055)
+
+#endif
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"DcsInt done\n");
+ }
if (EFI_ERROR(res)) {
- ERR_PRINT(L"Bind %r\n", res);
- return OnExit(gOnExitFailed, OnExitAuthFaild, res);
+ if (res == EFI_DCS_USER_TIMEOUT)
+ return OnExit(OnExitAuthTimeout, res);
+ else if (res == EFI_DCS_USER_CANCELED)
+ return OnExit(OnExitAuthCancelled, res);
+ else if (res == EFI_DCS_DATA_NOT_FOUND)
+ return OnExit(OnExitAuthNotFound, res);
+ else
+ return OnExit(OnExitAuthFailed, res);
}
res = gBS->CreateEventEx(
@@ -1235,5 +446,9 @@ UefiMain(
&mVirtualAddrChangeEvent
);
- return OnExit(gOnExitSuccess, OnExitSuccess, res);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Failed to setup VirtualAddrChangeEvent to Clean Sensitive Data from RAM after boot!");
+ }
+
+ return OnExit(OnExitSuccess, EFI_SUCCESS);
}
diff --git a/DcsInt/DcsInt.h b/DcsInt/DcsInt.h
index ad0e40c..ce1ee22 100644
--- a/DcsInt/DcsInt.h
+++ b/DcsInt/DcsInt.h
@@ -3,6 +3,7 @@ Block R/W interceptor
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials
are licensed and made available under the terms and conditions
@@ -16,220 +17,39 @@ The full text of the license may be found at
#define __DCSINT_H__
#include
-#include
-#include
-#include
-#include
-#define DCSINT_DRIVER_VERSION 1
-#define DCS_SIGNATURE_16(A, B) ((A) | (B << 8))
-#define DCS_SIGNATURE_32(A, B, C, D) (DCS_SIGNATURE_16 (A, B) | (DCS_SIGNATURE_16 (C, D) << 16))
-
-#define DCSINT_BLOCK_IO_SIGN DCS_SIGNATURE_32('D','C','S', 'I')
-
-extern EFI_COMPONENT_NAME_PROTOCOL gDcsIntComponentName;
-extern EFI_COMPONENT_NAME2_PROTOCOL gDcsIntComponentName2;
-
-typedef struct _DCSINT_BLOCK_IO DCSINT_BLOCK_IO, *PDCSINT_BLOCK_IO;
-typedef struct CRYPTO_INFO_t CRYPTO_INFO, *PCRYPTO_INFO;
-
-typedef struct _DCSINT_BLOCK_IO {
- UINT32 Sign;
- EFI_HANDLE Controller;
-
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
- EFI_BLOCK_READ LowRead;
- EFI_BLOCK_WRITE LowWrite;
- UINT32 IsReinstalled;
- PCRYPTO_INFO CryptInfo;
- DCSINT_BLOCK_IO* Next;
-} DCSINT_BLOCK_IO, *PDCSINT_BLOCK_IO;
-
-//
-// Functions for Driver Binding Protocol
-//
-
-/**
- Check whether the controller is a supported.
-
- @param This The driver binding protocol.
- @param Controller The controller handle to check.
- @param RemainingDevicePath The remaining device path.
-
- @retval EFI_SUCCESS The driver supports this controller.
- @retval other This device isn't supported.
-
-**/
-EFI_STATUS
-EFIAPI
-DcsIntBindingSupported (
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
- );
+typedef EFI_STATUS (*DCS_IMPL)(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable);
/**
- Starts the BlockIo device with this driver.
+ VeraCrypt Implementation
- @param This The driver binding protocol.
- @param Controller The Block MMIO device to start on
- @param RemainingDevicePath The remaining device path.
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
- @retval EFI_SUCCESS This driver supports this device.
- @retval EFI_UNSUPPORTED This driver does not support this device.
- @retval EFI_DEVICE_ERROR This driver cannot be started due to device Error.
- @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
- @retval EFI_ALREADY_STARTED This driver has been started.
+ @retval EFI_SUCCESS The entry point executed successfully.
+ @retval other Some error occur when executing this entry point.
**/
EFI_STATUS
-EFIAPI
-DcsIntBindingStart (
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+DcsVeraCrypt(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
);
/**
- Stop controlling the device.
+ DiskCryptor Implementation
- @param This The driver binding
- @param Controller The device controller controlled by the driver.
- @param NumberOfChildren The number of children of this device
- @param ChildHandleBuffer The buffer of children handle.
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
- @retval EFI_SUCCESS The driver stopped from controlling the device.
- @retval EFI_DEVICE_ERROR The device could not be stopped due to a device error.
- @retval EFI_UNSUPPORTED Block I/O Protocol is not installed on Controller.
- @retval Others Failed to stop the driver
+ @retval EFI_SUCCESS The entry point executed successfully.
+ @retval other Some error occur when executing this entry point.
**/
EFI_STATUS
-EFIAPI
-DcsIntBindingStop (
- IN EFI_DRIVER_BINDING_PROTOCOL *This,
- IN EFI_HANDLE Controller,
- IN UINTN NumberOfChildren,
- IN EFI_HANDLE *ChildHandleBuffer
+DcsDiskCryptor(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
);
-//
-// Functions for Block I/O Protocol
-//
-
-//
-// EFI Component Name Functions
-//
-
-/**
- Retrieves a Unicode string that is the user readable name of the driver.
-
- This function retrieves the user readable name of a driver in the form of a
- Unicode string. If the driver specified by This has a user readable name in
- the language specified by Language, then a pointer to the driver name is
- returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
- by This does not support the language specified by Language,
- then EFI_UNSUPPORTED is returned.
-
- @param This A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
- EFI_COMPONENT_NAME_PROTOCOL instance.
- @param Language A pointer to a Null-terminated ASCII string
- array indicating the language. This is the
- language of the driver name that the caller is
- requesting, and it must match one of the
- languages specified in SupportedLanguages. The
- number of languages supported by a driver is up
- to the driver writer. Language is specified
- in RFC 4646 or ISO 639-2 language code format.
- @param DriverName A pointer to the Unicode string to return.
- This Unicode string is the name of the
- driver specified by This in the language
- specified by Language.
-
- @retval EFI_SUCCESS The Unicode string for the Driver specified by
- This and the language specified by Language was
- returned in DriverName.
- @retval EFI_INVALID_PARAMETER Language is NULL.
- @retval EFI_INVALID_PARAMETER DriverName is NULL.
- @retval EFI_UNSUPPORTED The driver specified by This does not support
- the language specified by Language.
-
-**/
-EFI_STATUS
-EFIAPI
-DcsIntComponentNameGetDriverName (
- IN EFI_COMPONENT_NAME_PROTOCOL *This,
- IN CHAR8 *Language,
- OUT CHAR16 **DriverName
- );
-
-/**
- Retrieves a Unicode string that is the user readable name of the controller
- that is being managed by a driver.
-
- This function retrieves the user readable name of the controller specified by
- ControllerHandle and ChildHandle in the form of a Unicode string. If the
- driver specified by This has a user readable name in the language specified by
- Language, then a pointer to the controller name is returned in ControllerName,
- and EFI_SUCCESS is returned. If the driver specified by This is not currently
- managing the controller specified by ControllerHandle and ChildHandle,
- then EFI_UNSUPPORTED is returned. If the driver specified by This does not
- support the language specified by Language, then EFI_UNSUPPORTED is returned.
-
- @param This A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
- EFI_COMPONENT_NAME_PROTOCOL instance.
- @param ControllerHandle The handle of a controller that the driver
- specified by This is managing. This handle
- specifies the controller whose name is to be
- returned.
- @param ChildHandle The handle of the child controller to retrieve
- the name of. This is an optional parameter that
- may be NULL. It will be NULL for device
- drivers. It will also be NULL for a bus drivers
- that wish to retrieve the name of the bus
- controller. It will not be NULL for a bus
- driver that wishes to retrieve the name of a
- child controller.
- @param Language A pointer to a Null-terminated ASCII string
- array indicating the language. This is the
- language of the driver name that the caller is
- requesting, and it must match one of the
- languages specified in SupportedLanguages. The
- number of languages supported by a driver is up
- to the driver writer. Language is specified in
- RFC 4646 or ISO 639-2 language code format.
- @param ControllerName A pointer to the Unicode string to return.
- This Unicode string is the name of the
- controller specified by ControllerHandle and
- ChildHandle in the language specified by
- Language from the point of view of the driver
- specified by This.
-
- @retval EFI_SUCCESS The Unicode string for the user readable name in
- the language specified by Language for the
- driver specified by This was returned in
- DriverName.
- @retval EFI_INVALID_PARAMETER ControllerHandle is not a valid EFI_HANDLE.
- @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
- EFI_HANDLE.
- @retval EFI_INVALID_PARAMETER Language is NULL.
- @retval EFI_INVALID_PARAMETER ControllerName is NULL.
- @retval EFI_UNSUPPORTED The driver specified by This is not currently
- managing the controller specified by
- ControllerHandle and ChildHandle.
- @retval EFI_UNSUPPORTED The driver specified by This does not support
- the language specified by Language.
-
-**/
-EFI_STATUS
-EFIAPI
-DcsIntComponentNameGetControllerName (
- IN EFI_COMPONENT_NAME_PROTOCOL *This,
- IN EFI_HANDLE ControllerHandle,
- IN EFI_HANDLE ChildHandle OPTIONAL,
- IN CHAR8 *Language,
- OUT CHAR16 **ControllerName
- );
-
-
#endif
\ No newline at end of file
diff --git a/DcsInt/DcsInt.inf b/DcsInt/DcsInt.inf
index 1fa0a4c..97e86a3 100644
--- a/DcsInt/DcsInt.inf
+++ b/DcsInt/DcsInt.inf
@@ -2,6 +2,7 @@
#
# Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
# Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+# Copyright (c) 2019. DiskCryptor, David Xanatos
#
# This program and the accompanying materials are licensed and made available
# under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
@@ -28,8 +29,7 @@
[Sources]
DcsInt.c
DcsInt.h
- DcsIntName.c
-
+
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
@@ -44,7 +44,9 @@
CommonLib
PasswordLib
DcsCfgLib
+ DcsIntLib
VeraCryptLib
+ DiskCryptorLib
[Protocols]
gEfiBlockIoProtocolGuid
diff --git a/DcsInt/DcsInt.vcxproj b/DcsInt/DcsInt.vcxproj
new file mode 100644
index 0000000..615a335
--- /dev/null
+++ b/DcsInt/DcsInt.vcxproj
@@ -0,0 +1,97 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Library\DiskCryptorLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Library\DiskCryptorLib
+
+
+ DcsInt.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Library\DiskCryptorLib
+
+
+ DcsInt.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Library\DiskCryptorLib
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsInt/DcsInt.vcxproj.filters b/DcsInt/DcsInt.vcxproj.filters
new file mode 100644
index 0000000..8a12698
--- /dev/null
+++ b/DcsInt/DcsInt.vcxproj.filters
@@ -0,0 +1,32 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+
+
+ Header Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsInt/DcsInt.vcxproj.user b/DcsInt/DcsInt.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsInt/DcsInt.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/DcsPkg.dec b/DcsPkg.dec
index 0a27256..1a16325 100644
--- a/DcsPkg.dec
+++ b/DcsPkg.dec
@@ -16,12 +16,14 @@
Include
Library/VeraCryptLib
Library/VeraCryptLib/crypto
+ Library/DiskCryptorLib
[LibraryClasses]
CommonLib|Include/Library/CommonLib.h
GraphLib|Include/Library/GraphLib.h
PasswordLib|Include/Library/PasswordLib.h
DcsCfgLib|Include/Library/DcsCfgLib.h
+ DcsIntLib|Include/Library/DcsIntLib.h
[Guids]
# Include/CommonLib.h
diff --git a/DcsPkg.dsc b/DcsPkg.dsc
index c018884..7457d42 100644
--- a/DcsPkg.dsc
+++ b/DcsPkg.dsc
@@ -67,8 +67,10 @@
PasswordLib|DcsPkg/Library/PasswordLib/PasswordLib.inf
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
DcsCfgLib|DcsPkg/Library/DcsCfgLib/DcsCfgLib.inf
+ DcsIntLib|DcsPkg/Library/DcsIntLib/DcsIntLib.inf
DcsTpmLib|DcsPkg/Library/DcsTpmLib/DcsTpmLib.inf
VeraCryptLib|DcsPkg/Library/VeraCryptLib/VeraCryptLib.inf
+ DiskCryptorLib|DcsPkg/Library/DiskCryptorLib/DiskCryptorLib.inf
[LibraryClasses.common.UEFI_APPLICATION]
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
diff --git a/DcsPkg.sln b/DcsPkg.sln
new file mode 100644
index 0000000..7548f8b
--- /dev/null
+++ b/DcsPkg.sln
@@ -0,0 +1,203 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 15
+VisualStudioVersion = 15.0.28307.705
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsAll", "DcsAll.vcxproj", "{A1E1BDBE-46DD-44C5-9F91-09B3B715248F}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsBml", "DcsBml\DcsBml.vcxproj", "{896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsBoot", "DcsBoot\DcsBoot.vcxproj", "{1594FF84-C95D-4F31-9FC6-B6B38EE711A5}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsCfg", "DcsCfg\DcsCfg.vcxproj", "{072E97C4-9478-4945-9ED1-7E1D83F9961A}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsInfo", "DcsInfo\DcsInfo.vcxproj", "{3F03EE1D-2900-4D31-8279-8FA94DD05348}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsInt", "DcsInt\DcsInt.vcxproj", "{1D5B09E3-F5C4-4622-9FE2-3189880B747A}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsRe", "DcsRe\DcsRe.vcxproj", "{C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "DcsPkg", "DcsPkg", "{0606163B-D589-4BD5-BB35-1BE9289DB667}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "LegacySpeaker", "LegacySpeaker\LegacySpeaker.vcxproj", "{5CC585F2-15E8-41FD-A679-0BDC6566992A}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Library", "Library", "{B85DC20F-1026-401A-9202-25A8AAE6AF13}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsCfgLib", "Library\DcsCfgLib\DcsCfgLib.vcxproj", "{925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsTpmLib", "Library\DcsTpmLib\DcsTpmLib.vcxproj", "{AFE577D4-5CC8-4706-975C-7E0A4F6888E1}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "GraphLib", "Library\GraphLib\GraphLib.vcxproj", "{C1457B4D-77E5-4E9E-A210-D624782B7714}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PasswordLib", "Library\PasswordLib\PasswordLib.vcxproj", "{86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "VeraCryptLib", "Library\VeraCryptLib\VeraCryptLib.vcxproj", "{0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "CommonLib", "Library\CommonLib\CommonLib.vcxproj", "{FD53F894-7B5A-495B-886F-4D4A26147767}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DiskCryptorLib", "Library\DiskCryptorLib\DiskCryptorLib.vcxproj", "{53B4FBAB-3988-4B16-9444-F14BB9CEC851}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "DcsIntLib", "Library\DcsIntLib\DcsIntLib.vcxproj", "{34205709-1C3A-43E9-A57C-5EBC5BBD2D89}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|x64 = Debug|x64
+ Debug|x86 = Debug|x86
+ Release|x64 = Release|x64
+ Release|x86 = Release|x86
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Debug|x64.ActiveCfg = Debug|x64
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Debug|x64.Build.0 = Debug|x64
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Debug|x86.ActiveCfg = Debug|Win32
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Debug|x86.Build.0 = Debug|Win32
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Release|x64.ActiveCfg = Release|x64
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Release|x64.Build.0 = Release|x64
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Release|x86.ActiveCfg = Release|Win32
+ {A1E1BDBE-46DD-44C5-9F91-09B3B715248F}.Release|x86.Build.0 = Release|Win32
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Debug|x64.ActiveCfg = Debug|x64
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Debug|x64.Build.0 = Debug|x64
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Debug|x86.ActiveCfg = Debug|Win32
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Debug|x86.Build.0 = Debug|Win32
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Release|x64.ActiveCfg = Release|x64
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Release|x64.Build.0 = Release|x64
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Release|x86.ActiveCfg = Release|Win32
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026}.Release|x86.Build.0 = Release|Win32
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Debug|x64.ActiveCfg = Debug|x64
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Debug|x64.Build.0 = Debug|x64
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Debug|x86.ActiveCfg = Debug|Win32
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Debug|x86.Build.0 = Debug|Win32
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Release|x64.ActiveCfg = Release|x64
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Release|x64.Build.0 = Release|x64
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Release|x86.ActiveCfg = Release|Win32
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5}.Release|x86.Build.0 = Release|Win32
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Debug|x64.ActiveCfg = Debug|x64
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Debug|x64.Build.0 = Debug|x64
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Debug|x86.ActiveCfg = Debug|Win32
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Debug|x86.Build.0 = Debug|Win32
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Release|x64.ActiveCfg = Release|x64
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Release|x64.Build.0 = Release|x64
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Release|x86.ActiveCfg = Release|Win32
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A}.Release|x86.Build.0 = Release|Win32
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Debug|x64.ActiveCfg = Debug|x64
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Debug|x64.Build.0 = Debug|x64
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Debug|x86.ActiveCfg = Debug|Win32
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Debug|x86.Build.0 = Debug|Win32
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Release|x64.ActiveCfg = Release|x64
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Release|x64.Build.0 = Release|x64
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Release|x86.ActiveCfg = Release|Win32
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348}.Release|x86.Build.0 = Release|Win32
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Debug|x64.ActiveCfg = Debug|x64
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Debug|x64.Build.0 = Debug|x64
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Debug|x86.ActiveCfg = Debug|Win32
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Debug|x86.Build.0 = Debug|Win32
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Release|x64.ActiveCfg = Release|x64
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Release|x64.Build.0 = Release|x64
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Release|x86.ActiveCfg = Release|Win32
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A}.Release|x86.Build.0 = Release|Win32
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Debug|x64.ActiveCfg = Debug|x64
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Debug|x64.Build.0 = Debug|x64
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Debug|x86.ActiveCfg = Debug|Win32
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Debug|x86.Build.0 = Debug|Win32
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Release|x64.ActiveCfg = Release|x64
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Release|x64.Build.0 = Release|x64
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Release|x86.ActiveCfg = Release|Win32
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}.Release|x86.Build.0 = Release|Win32
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Debug|x64.ActiveCfg = Debug|x64
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Debug|x64.Build.0 = Debug|x64
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Debug|x86.ActiveCfg = Debug|Win32
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Debug|x86.Build.0 = Debug|Win32
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Release|x64.ActiveCfg = Release|x64
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Release|x64.Build.0 = Release|x64
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Release|x86.ActiveCfg = Release|Win32
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}.Release|x86.Build.0 = Release|Win32
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Debug|x64.ActiveCfg = Debug|x64
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Debug|x64.Build.0 = Debug|x64
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Debug|x86.ActiveCfg = Debug|Win32
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Debug|x86.Build.0 = Debug|Win32
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Release|x64.ActiveCfg = Release|x64
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Release|x64.Build.0 = Release|x64
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Release|x86.ActiveCfg = Release|Win32
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}.Release|x86.Build.0 = Release|Win32
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Debug|x64.ActiveCfg = Debug|x64
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Debug|x64.Build.0 = Debug|x64
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Debug|x86.ActiveCfg = Debug|Win32
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Debug|x86.Build.0 = Debug|Win32
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Release|x64.ActiveCfg = Release|x64
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Release|x64.Build.0 = Release|x64
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Release|x86.ActiveCfg = Release|Win32
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}.Release|x86.Build.0 = Release|Win32
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Debug|x64.ActiveCfg = Debug|x64
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Debug|x64.Build.0 = Debug|x64
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Debug|x86.ActiveCfg = Debug|Win32
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Debug|x86.Build.0 = Debug|Win32
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Release|x64.ActiveCfg = Release|x64
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Release|x64.Build.0 = Release|x64
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Release|x86.ActiveCfg = Release|Win32
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}.Release|x86.Build.0 = Release|Win32
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Debug|x64.ActiveCfg = Debug|x64
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Debug|x64.Build.0 = Debug|x64
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Debug|x86.ActiveCfg = Debug|Win32
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Debug|x86.Build.0 = Debug|Win32
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Release|x64.ActiveCfg = Release|x64
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Release|x64.Build.0 = Release|x64
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Release|x86.ActiveCfg = Release|Win32
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}.Release|x86.Build.0 = Release|Win32
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Debug|x64.ActiveCfg = Debug|x64
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Debug|x64.Build.0 = Debug|x64
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Debug|x86.ActiveCfg = Debug|Win32
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Debug|x86.Build.0 = Debug|Win32
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Release|x64.ActiveCfg = Release|x64
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Release|x64.Build.0 = Release|x64
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Release|x86.ActiveCfg = Release|Win32
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}.Release|x86.Build.0 = Release|Win32
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Debug|x64.ActiveCfg = Debug|x64
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Debug|x64.Build.0 = Debug|x64
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Debug|x86.ActiveCfg = Debug|Win32
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Debug|x86.Build.0 = Debug|Win32
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Release|x64.ActiveCfg = Release|x64
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Release|x64.Build.0 = Release|x64
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Release|x86.ActiveCfg = Release|Win32
+ {FD53F894-7B5A-495B-886F-4D4A26147767}.Release|x86.Build.0 = Release|Win32
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Debug|x64.ActiveCfg = Debug|x64
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Debug|x64.Build.0 = Debug|x64
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Debug|x86.ActiveCfg = Debug|Win32
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Debug|x86.Build.0 = Debug|Win32
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Release|x64.ActiveCfg = Release|x64
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Release|x64.Build.0 = Release|x64
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Release|x86.ActiveCfg = Release|Win32
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}.Release|x86.Build.0 = Release|Win32
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Debug|x64.ActiveCfg = Debug|x64
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Debug|x64.Build.0 = Debug|x64
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Debug|x86.ActiveCfg = Debug|Win32
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Debug|x86.Build.0 = Debug|Win32
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Release|x64.ActiveCfg = Release|x64
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Release|x64.Build.0 = Release|x64
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Release|x86.ActiveCfg = Release|Win32
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}.Release|x86.Build.0 = Release|Win32
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(NestedProjects) = preSolution
+ {896F3AA1-C0A5-40DA-84BE-1BB8BCDDC026} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {1594FF84-C95D-4F31-9FC6-B6B38EE711A5} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {072E97C4-9478-4945-9ED1-7E1D83F9961A} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {3F03EE1D-2900-4D31-8279-8FA94DD05348} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {1D5B09E3-F5C4-4622-9FE2-3189880B747A} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {B85DC20F-1026-401A-9202-25A8AAE6AF13} = {0606163B-D589-4BD5-BB35-1BE9289DB667}
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {C1457B4D-77E5-4E9E-A210-D624782B7714} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {FD53F894-7B5A-495B-886F-4D4A26147767} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89} = {B85DC20F-1026-401A-9202-25A8AAE6AF13}
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {ACF60839-7A48-429B-9F49-D1CE17F4F420}
+ EndGlobalSection
+EndGlobal
diff --git a/DcsRe/DcsRe.c b/DcsRe/DcsRe.c
index 84f1fee..a800645 100644
--- a/DcsRe/DcsRe.c
+++ b/DcsRe/DcsRe.c
@@ -3,6 +3,7 @@
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials
are licensed and made available under the terms and conditions
@@ -18,7 +19,7 @@ The full text of the license may be found at
#include
#include
#include
-#include "common/Tcdefs.h"
+#include
#ifdef _M_X64
#define ARCHdot L"x64."
@@ -28,8 +29,10 @@ The full text of the license may be found at
#define ARCHdotEFI L"IA32.efi"
#endif
+#define NO_CONF_UTIL
+
CONST CHAR8* g_szMsBootString = "bootmgfw.pdb";
-CONST CHAR16* g_szVcBootString = L"VeraCrypt";
+CONST CHAR16* g_szVcBootString = _T(DCS_CAPTION);
//////////////////////////////////////////////////////////////////////////
// Menu
@@ -118,11 +121,20 @@ ActionShell(IN VOID* ctx) {
return EfiExec(NULL, L"EFI\\Shell\\Shell.efi");
}
+CHAR16* sRecoveryKey = OPT_EXTERN_KEY;
+CHAR16* sDcsBoot = L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi";
+
+EFI_STATUS
+ActionDcsRecoveryBoot(IN VOID* ctx) {
+ EfiSetVar(L"DcsExecMode", NULL, sRecoveryKey, StrSize(sRecoveryKey), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ return EfiExec(gFileRootHandle, sDcsBoot);
+}
+
EFI_STATUS
ActionDcsBoot(IN VOID* ctx) {
SelectEfiVolume();
if (EfiBootVolume == NULL) return EFI_NOT_READY;
- return EfiExec(gFSHandles[EfiBootVolumeIndex], L"EFI\\VeraCrypt\\DcsBoot.efi");
+ return EfiExec(gFSHandles[EfiBootVolumeIndex], sDcsBoot);
}
EFI_STATUS
@@ -165,11 +177,11 @@ ActionWindowsBoot(IN VOID* ctx) {
}
CHAR16* DcsBootBins[] = {
- L"EFI\\VeraCrypt\\DcsBoot.efi",
- L"EFI\\VeraCrypt\\DcsInt.dcs",
- L"EFI\\VeraCrypt\\DcsBml.dcs",
- L"EFI\\VeraCrypt\\DcsCfg.dcs",
- L"EFI\\VeraCrypt\\LegacySpeaker.dcs"
+ L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi",
+ L"EFI\\" DCS_DIRECTORY L"\\DcsInt.dcs",
+ L"EFI\\" DCS_DIRECTORY L"\\DcsBml.dcs",
+ L"EFI\\" DCS_DIRECTORY L"\\DcsCfg.dcs",
+ L"EFI\\" DCS_DIRECTORY L"\\LegacySpeaker.dcs"
};
/**
@@ -182,12 +194,15 @@ ActionRestoreDcsLoader(IN VOID* ctx) {
SelectEfiVolume();
if (EfiBootVolume == NULL) return EFI_NOT_READY;
- DirectoryCreate (EfiBootVolume, L"EFI\\VeraCrypt");
+ DirectoryCreate (EfiBootVolume, L"EFI\\" DCS_DIRECTORY);
for (i = 0; i < sizeof(DcsBootBins) / sizeof(CHAR16*); ++i) {
res = FileCopy(NULL, DcsBootBins[i], EfiBootVolume, DcsBootBins[i], 1024 * 1024);
if (EFI_ERROR(res)) return res;
}
+
+ if (!AskConfirm("Do you want to replace the default windows loader with the " DCS_CAPTION " one? [N]", 1)) goto done;
+
/* restore standard boot file */
if (!EFI_ERROR(FileExist(EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI)))
{
@@ -201,11 +216,11 @@ ActionRestoreDcsLoader(IN VOID* ctx) {
{
res = FileCopy(EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, EfiBootVolume, L"\\EFI\\Boot\\original_boot" ARCHdot L"vc_backup", 1024 * 1024);
if (!EFI_ERROR(res))
- res = FileCopy(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
+ res = FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
}
else if ((fileSize <= 32768) && !EFI_ERROR(MemoryHasPattern(fileData, fileSize, g_szVcBootString, StrLen (g_szVcBootString) * 2)))
{
- res = FileCopy(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
+ res = FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
}
MEM_FREE(fileData);
@@ -214,7 +229,7 @@ ActionRestoreDcsLoader(IN VOID* ctx) {
}
else if (!EFI_ERROR(FileExist(EfiBootVolume, L"\\EFI\\Boot\\original_boot" ARCHdot L"vc_backup")))
{
- res = FileCopy(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
+ res = FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi", EfiBootVolume, L"EFI\\Boot\\boot" ARCHdotEFI, 1024 * 1024);
if (EFI_ERROR(res)) return res;
}
@@ -236,22 +251,23 @@ ActionRestoreDcsLoader(IN VOID* ctx) {
if (EFI_ERROR(res)) return res;
}
- res = FileCopy(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi", EfiBootVolume, L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", 1024 * 1024);
+ res = FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi", EfiBootVolume, L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", 1024 * 1024);
if (EFI_ERROR(res)) return res;
}
else if (!EFI_ERROR(FileExist(EfiBootVolume, L"\\EFI\\Microsoft\\Boot\\bootmgfw_ms.vc")))
{
- res = FileCopy(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi", EfiBootVolume, L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", 1024 * 1024);
+ res = FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi", EfiBootVolume, L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi", 1024 * 1024);
if (EFI_ERROR(res)) return res;
}
-
- OUT_PRINT (L"\nVeraCrypt Loader restored to disk successfully\n\n");
+
+done:
+ OUT_PRINT (L"\n" _T(DCS_CAPTION) L" Loader restored to disk successfully\n\n");
return EFI_SUCCESS;
}
-CHAR16* sDcsBootEfi = L"EFI\\VeraCrypt\\DcsBoot.efi";
-CHAR16* sDcsBootEfiDesc = L"VeraCrypt(DCS) loader";
+CHAR16* sDcsBootEfi = L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi";
+CHAR16* sDcsBootEfiDesc = _T(DCS_CAPTION) L"(DCS) loader";
/**
Update boot menu
*/
@@ -284,30 +300,32 @@ EFI_STATUS
ActionRestoreDcsProp(IN VOID* ctx) {
SelectEfiVolume();
if (EfiBootVolume == NULL) return EFI_NOT_READY;
- return FileCopy(NULL, L"EFI\\VeraCrypt\\DcsProp", EfiBootVolume, L"EFI\\VeraCrypt\\DcsProp", 1024*1024);
+ return FileCopy(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsProp", EfiBootVolume, L"EFI\\" DCS_DIRECTORY L"\\DcsProp", 1024*1024);
}
+#ifndef NO_CONF_UTIL
+
#define OPT_OS_DECRYPT L"-osdecrypt"
#define OPT_OS_RESTORE_KEY L"-osrestorekey"
CHAR16* sOSDecrypt = OPT_OS_DECRYPT;
CHAR16* sOSRestoreKey = OPT_OS_RESTORE_KEY;
-CHAR16* sDcsCfg = L"EFI\\VeraCrypt\\DcsCfg.dcs";
+CHAR16* sDcsCfg = L"EFI\\" DCS_DIRECTORY L"\\DcsCfg.dcs";
EFI_STATUS
ActionRestoreHeader(IN VOID* ctx) {
- EFI_STATUS res = EFI_NOT_READY;
- res = EfiSetVar(L"dcscfgcmd", NULL, sOSRestoreKey, StrSize(sOSRestoreKey), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ EfiSetVar(L"dcscfgcmd", NULL, sOSRestoreKey, StrSize(sOSRestoreKey), EFI_VARIABLE_BOOTSERVICE_ACCESS);
return EfiExec(NULL, sDcsCfg);
}
EFI_STATUS
ActionDecryptOS(IN VOID* ctx) {
- EFI_STATUS res = EFI_NOT_READY;
- res = EfiSetVar(L"dcscfgcmd", NULL, sOSDecrypt, StrSize(sOSDecrypt), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ EfiSetVar(L"dcscfgcmd", NULL, sOSDecrypt, StrSize(sOSDecrypt), EFI_VARIABLE_BOOTSERVICE_ACCESS);
return EfiExec(NULL, sDcsCfg);
}
+#endif
+
EFI_STATUS
ActionExit(IN VOID* ctx) {
gContiniue = FALSE;
@@ -317,7 +335,7 @@ ActionExit(IN VOID* ctx) {
EFI_STATUS
ActionHelp(IN VOID* ctx) {
OUT_PRINT(L"\
-%HRescue disk for VeraCrypt OS encryption%N\n\r\
+%HRescue disk for " _T(DCS_CAPTION) L" OS encryption%N\n\r\
Help message to be defined\n\r\
");
return EFI_SUCCESS;
@@ -340,34 +358,45 @@ DcsReMain(
IN EFI_SYSTEM_TABLE *SystemTable
)
{
- EFI_STATUS res;
+ EFI_STATUS res;
EFI_INPUT_KEY key;
PMENU_ITEM item = gMenu;
+
+#ifdef DEBUG_BUILD
+ OUT_PRINT(L"DcsRe - DEBUG Build %s %s\n", _T(__DATE__), _T(__TIME__));
+#endif
+
InitBio();
- res = InitFS();
- if (EFI_ERROR(res)) {
+ res = InitFS();
+ if (EFI_ERROR(res)) {
ERR_PRINT(L"InitFS %r\n", res);
return res;
- }
+ }
- if (!EFI_ERROR(DirectoryExists(NULL, L"EFI\\VeraCrypt")))
+ if (!EFI_ERROR(DirectoryExists(NULL, L"EFI\\" DCS_DIRECTORY)))
{
- item = DcsMenuAppend(NULL, L"Decrypt OS", 'd', ActionDecryptOS, NULL);
+ item = DcsMenuAppend(NULL, L"Boot " _T(DCS_CAPTION) L" loader from system disk", 'b', ActionDcsBoot, NULL);
gMenu = item;
- item = DcsMenuAppend(item, L"Restore VeraCrypt loader to boot menu", 'm', ActionRestoreDcsBootMenu, NULL);
- item = DcsMenuAppend(item, L"Remove VeraCrypt loader from boot menu", 'z' , ActionRemoveDcsBootMenu, NULL);
- if (!EFI_ERROR(FileExist(NULL, L"EFI\\VeraCrypt\\DcsProp"))) {
- item = DcsMenuAppend(item, L"Restore VeraCrypt loader configuration to system disk", 'c', ActionRestoreDcsProp, NULL);
+#ifndef NO_CONF_UTIL
+ item = DcsMenuAppend(item, L"Decrypt OS", 'd', ActionDecryptOS, NULL);
+#endif
+ item = DcsMenuAppend(item, L"Restore " _T(DCS_CAPTION) L" loader to boot menu", 'm', ActionRestoreDcsBootMenu, NULL);
+ item = DcsMenuAppend(item, L"Remove " _T(DCS_CAPTION) L" loader from boot menu", 'z' , ActionRemoveDcsBootMenu, NULL);
+
+ if (!EFI_ERROR(FileExist(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsProp"))) {
+ item = DcsMenuAppend(item, L"Restore " _T(DCS_CAPTION) L" loader configuration to system disk", 'c', ActionRestoreDcsProp, NULL);
}
- if (!EFI_ERROR(FileExist(NULL, L"EFI\\VeraCrypt\\svh_bak"))) {
+#ifndef NO_CONF_UTIL
+ if (!EFI_ERROR(FileExist(NULL, L"EFI\\" DCS_DIRECTORY L"\\svh_bak"))) {
item = DcsMenuAppend(item, L"Restore OS header keys", 'k', ActionRestoreHeader, NULL);
}
+#endif
- if (!EFI_ERROR(FileExist(NULL, L"EFI\\VeraCrypt\\DcsBoot.efi"))) {
- item = DcsMenuAppend(item, L"Restore VeraCrypt loader binaries to system disk", 'r', ActionRestoreDcsLoader, NULL);
- item = DcsMenuAppend(item, L"Boot VeraCrypt loader from rescue disk", 'v', ActionDcsBoot, NULL);
+ if (!EFI_ERROR(FileExist(NULL, L"EFI\\" DCS_DIRECTORY L"\\DcsBoot.efi"))) {
+ item = DcsMenuAppend(item, L"Restore " _T(DCS_CAPTION) L" loader binaries to system disk", 'r', ActionRestoreDcsLoader, NULL);
+ item = DcsMenuAppend(item, L"Boot " _T(DCS_CAPTION) L" loader from rescue disk", 'v', ActionDcsRecoveryBoot, NULL);
}
item = DcsMenuAppend(item, L"Boot Original Windows Loader", 'o', ActionWindowsBoot, NULL);
@@ -382,7 +411,7 @@ DcsReMain(
item = DcsMenuAppend(item, L"Help", 'h', ActionHelp, NULL);
item = DcsMenuAppend(item, L"Exit", 'e', ActionExit, NULL);
- OUT_PRINT(L"%V%a rescue disk %a%N\n", TC_APP_NAME, VERSION_STRING);
+ OUT_PRINT(L"%V" _T(DCS_CAPTION) L" rescue disk %d.%02d%N\n", DCS_VERSION / 100, DCS_VERSION % 100);
gBS->SetWatchdogTimer(0, 0, 0, NULL);
do {
DcsMenuPrint(gMenu);
@@ -405,7 +434,7 @@ DcsReMain(
}
else
{
- /* No VeraCrypt folder. Boot directly from the hard drive */
+ /* No DCS folder. Boot directly from the hard drive */
res = ActionDcsBoot (NULL);
if (EFI_ERROR(res)) {
ERR_PRINT(L"%r\n", res);
diff --git a/DcsRe/DcsRe.vcxproj b/DcsRe/DcsRe.vcxproj
new file mode 100644
index 0000000..54cd2e8
--- /dev/null
+++ b/DcsRe/DcsRe.vcxproj
@@ -0,0 +1,94 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {C3D771FF-F126-4CBE-AB4C-78E08EBCA82F}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsRe.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ DcsRe.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/DcsRe/DcsRe.vcxproj.filters b/DcsRe/DcsRe.vcxproj.filters
new file mode 100644
index 0000000..536f0e4
--- /dev/null
+++ b/DcsRe/DcsRe.vcxproj.filters
@@ -0,0 +1,27 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/DcsRe/DcsRe.vcxproj.user b/DcsRe/DcsRe.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/DcsRe/DcsRe.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Dcs_bld.bat b/Dcs_bld.bat
index a18a4c8..2c6a9d2 100644
--- a/Dcs_bld.bat
+++ b/Dcs_bld.bat
@@ -1,3 +1,4 @@
+@echo off
pushd "%~dp0"
set dcsarch=X64
diff --git a/Include/DcsConfig.h b/Include/DcsConfig.h
new file mode 100644
index 0000000..394d49b
--- /dev/null
+++ b/Include/DcsConfig.h
@@ -0,0 +1,66 @@
+/** @file
+DCS configurationDCS configuration
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the Apache License, Version 2.0.
+
+The full text of the license may be found at
+https://opensource.org/licenses/Apache-2.0
+**/
+
+#ifndef __DCSCONFIG_H__
+#define __DCSCONFIG_H__
+
+#include
+
+#define _T2(x) L##x
+#define _T(x) _T2(x)
+
+//////////////////////////////////////////////////////////////////////////
+// Build Config
+//////////////////////////////////////////////////////////////////////////
+
+//#define DEBUG_BUILD
+
+#define DCS_DIRECTORY L"DCS"
+
+#define DCS_CAPTION "Disk Crypto" //Disk Crypto graphy Services
+#define DCS_VERSION 200 // 2.00
+
+#define NO_BML
+
+//#define DCS_SINGLE_MODULE 0xDC // disk cryptor
+#define DCS_SINGLE_MODULE 0x4C // vera crypt
+
+#define OPT_EXTERN_KEY L"-extern"
+
+//////////////////////////////////////////////////////////////////////////
+// Dynamic Config
+//////////////////////////////////////////////////////////////////////////
+#define CONFIG_FILE_PATH L"\\EFI\\" DCS_DIRECTORY L"\\DcsProp"
+
+extern char *gConfigBuffer;
+extern UINTN gConfigBufferSize;
+extern char *gConfigBufferUpdated;
+extern UINTN gConfigBufferUpdatedSize;
+extern BOOLEAN gConfigDebug;
+extern BOOLEAN gExternMode;
+
+BOOLEAN InitConfig(CHAR16* configFileName);
+BOOLEAN ConfigRead(char *configKey, char *configValue, int maxValueSize);
+int ConfigReadInt(char *configKey, int defaultValue);
+__int64 ConfigReadInt64(char *configKey, __int64 defaultValue);
+char *ConfigReadString(char *configKey, char *defaultValue, char *str, int maxLen);
+CHAR16 *ConfigReadStringW(char *configKey, CHAR16 *defaultValue, CHAR16 *str, int maxLen);
+
+BOOLEAN InitParams();
+
+VOID SetCleanSensitiveDataFunc(void(*cleanSensitiveData)(BOOLEAN));
+VOID CleanSensitiveData(BOOLEAN panic);
+
+#endif
diff --git a/Include/DeListDefines.h b/Include/DeListDefines.h
new file mode 100644
index 0000000..d24b11b
--- /dev/null
+++ b/Include/DeListDefines.h
@@ -0,0 +1,164 @@
+/** @file
+DCS configuration
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the [to be defined License, Version]. The full text of the license may be found at
+[opensource license to be defined]
+**/
+
+#ifndef __DCSCFGDEFS_H__
+#define __DCSCFGDEFS_H__
+
+#ifdef _UEFI
+#include
+#endif
+
+#define DCS_DISK_ENTRY_LIST_HEADER_SIGN SIGNATURE_64 ('D','C','S','D','E','L','S','T')
+
+#ifndef CSTATIC_ASSERT
+#define CSTATIC_ASSERT(b, name) typedef int StaticAssertFailed##name[b ? 1 : -1];
+#endif
+
+#define DE_IDX_CRYPTOHEADER 0
+#define DE_IDX_LIST 1
+#define DE_IDX_DISKID 2
+#define DE_IDX_MAINGPTHDR 3
+#define DE_IDX_MAINGPTENTRYS 4
+#define DE_IDX_ALTGPTHDR 5
+#define DE_IDX_ALTGPTENTRYS 6
+#define DE_IDX_EXEC 7
+#define DE_IDX_PWDCACHE 8
+#define DE_IDX_RND 9
+#define DE_IDX_TOTAL 10
+CSTATIC_ASSERT(DE_IDX_TOTAL <= 15, DE_IDX_TOTAL_too_big);
+
+enum DcsDiskEntryTypes {
+ DE_Unused = 0,
+ DE_Sectors,
+ DE_List,
+ DE_DISKID,
+ DE_ExecParams,
+ DE_PwdCache,
+ DE_Rnd
+};
+
+#pragma pack(1)
+typedef struct _SECREGION_BOOT_PARAMS {
+ UINT64 Ptr;
+ UINT32 Size;
+ UINT32 Crc;
+} SECREGION_BOOT_PARAMS;
+
+typedef struct {
+ UINT32 Data1;
+ UINT16 Data2;
+ UINT16 Data3;
+ UINT8 Data4[8];
+} DCS_GUID;
+
+// DE types
+typedef struct _DCS_DISK_ENTRY_SECTORS {
+ UINT32 Type;
+ UINT32 Offset; // Offset in memory
+ UINT64 Reserved;
+ UINT64 Start; // Start on disk (byte)
+ UINT64 Length; // length on disk (byte)
+} DCS_DISK_ENTRY_SECTORS;
+CSTATIC_ASSERT(sizeof(DCS_DISK_ENTRY_SECTORS) == 32, Wrong_size_DCS_DISK_ENTRY_SECTORS);
+
+typedef struct _DCS_DISK_ENTRY_PARAMS {
+ UINT32 Type;
+ UINT32 Offset;
+ UINT64 Reserved[2];
+ UINT64 Length; // size of data
+} DCS_DISK_ENTRY_PARAMS;
+CSTATIC_ASSERT(sizeof(DCS_DISK_ENTRY_PARAMS) == 32, Wrong_size_DCS_DISK_ENTRY_PARAMS);
+
+typedef struct _DCS_DISK_ENTRY_DISKID {
+ UINT32 Type;
+ UINT32 MbrID;
+ UINT64 ReservedDiskId;
+ DCS_GUID GptID;
+} DCS_DISK_ENTRY_DISKID;
+CSTATIC_ASSERT(sizeof(DCS_DISK_ENTRY_DISKID) == 32, Wrong_size_DCS_DISK_ENTRY_DISKID);
+
+#pragma warning(disable:4201)
+typedef struct _DCS_DISK_ENTRY {
+ union {
+ struct {
+ UINT32 Type;
+ UINT32 Offset;
+ UINT8 reserved[16];
+ UINT64 Length; // size of structure at Offset
+ };
+ DCS_DISK_ENTRY_SECTORS Sectors;
+ DCS_DISK_ENTRY_DISKID DiskId;
+ DCS_DISK_ENTRY_PARAMS Prm;
+ };
+} DCS_DISK_ENTRY;
+#pragma warning(default:4201)
+CSTATIC_ASSERT(sizeof(DCS_DISK_ENTRY) == 32, Wrong_size_DCS_DISK_ENTRY);
+
+// Static compile time checks field offsets
+#ifndef FIELD_OFFSET
+#define FIELD_OFFSET(t, f) ((UINTN)(&((t*)0)->f))
+#endif
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Type) == FIELD_OFFSET(DCS_DISK_ENTRY_SECTORS, Type), Wrong_Type_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Type) == FIELD_OFFSET(DCS_DISK_ENTRY_DISKID, Type), Wrong_Type_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Type) == FIELD_OFFSET(DCS_DISK_ENTRY_PARAMS, Type), Wrong_Type_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Length) == FIELD_OFFSET(DCS_DISK_ENTRY_SECTORS, Length), Wrong_Length_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Length) == FIELD_OFFSET(DCS_DISK_ENTRY_PARAMS, Length), Wrong_Length_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Offset) == FIELD_OFFSET(DCS_DISK_ENTRY_SECTORS, Offset), Wrong_Offset_offset);
+CSTATIC_ASSERT(FIELD_OFFSET(DCS_DISK_ENTRY, Offset) == FIELD_OFFSET(DCS_DISK_ENTRY_PARAMS, Offset), Wrong_Offset_offset);
+
+// DE type specific data
+// DE List
+typedef struct _DCS_DISK_ENTRY_LIST {
+ // EFI_TABLE_HEADER
+ UINT64 Signature;
+ UINT32 Revision;
+ UINT32 HeaderSize; //< The size, in bytes, of the entire table including the EFI_TABLE_HEADER.
+ UINT32 CRC32; //< The 32-bit CRC for the entire table. This value is computed by setting this field to 0, and computing the 32-bit CRC for HeaderSize bytes.
+ UINT32 Reserved; //< Reserved field that must be set to 0.
+ //
+ UINT32 Count;
+ UINT32 DataSize;
+ //
+ DCS_DISK_ENTRY DE[15];
+} DCS_DISK_ENTRY_LIST;
+CSTATIC_ASSERT(sizeof(DCS_DISK_ENTRY_LIST) == 512, Wrong_size_DCS_DISK_ENTRY_LIST);
+
+typedef struct _DCS_DEP_EXEC {
+ DCS_GUID ExecPartGuid;
+ UINT16 ExecCmd[248];
+} DCS_DEP_EXEC;
+CSTATIC_ASSERT(sizeof(DCS_DEP_EXEC) == 512, Wrong_size_DCS_DEP_EXEC);
+
+#define DE_MAX_PASSWORD 64 // Maximum possible password length
+
+typedef struct
+{
+ // Modifying this structure can introduce incompatibility with previous versions
+ unsigned __int32 Length;
+ unsigned char Text[DE_MAX_PASSWORD + 1];
+ char Pad[3]; // keep 64-bit alignment
+} DePassword;
+
+#define DCS_DEP_PWD_CACHE_SIGN SIGNATURE_64 ('P','W','D','C','A','C','H','E')
+typedef struct _DCS_DEP_PWD_CACHE {
+ UINT64 Sign;
+ UINT32 CRC;
+ UINT32 Count;
+ DePassword Pwd[4];
+ INT32 Pim[4];
+ UINT8 pad[512 - 8 - 4 - 4 - (sizeof(DePassword) + 4) * 4];
+} DCS_DEP_PWD_CACHE;
+CSTATIC_ASSERT(sizeof(DCS_DEP_PWD_CACHE) == 512, Wrong_size_DCS_DEP_PWD_CACHE);
+#pragma pack()
+
+
+#endif
+
diff --git a/Include/Library/CommonLib.h b/Include/Library/CommonLib.h
index 2cf10d3..cd007d1 100644
--- a/Include/Library/CommonLib.h
+++ b/Include/Library/CommonLib.h
@@ -33,6 +33,8 @@ The full text of the license may be found at
#define EFI_DCS_HALT_REQUESTED ENCODE_ERROR(0xDC50003)
#define EFI_DCS_USER_CANCELED ENCODE_ERROR(0xDC50004)
#define EFI_DCS_POSTEXEC_REQUESTED ENCODE_ERROR(0xDC50005)
+#define EFI_DCS_USER_TIMEOUT ENCODE_ERROR(0xDC50006)
+#define EFI_DCS_DATA_NOT_FOUND ENCODE_ERROR(0xDC50007)
//////////////////////////////////////////////////////////////////////////
// Check error
@@ -111,10 +113,16 @@ EfiGetStartDevice(
// Print handle info
//////////////////////////////////////////////////////////////////////////
-VOID EfiPrintDevicePath(
+VOID
+EfiPrintDevicePath(
IN EFI_HANDLE handle
);
+VOID
+EfiPrintPath(
+ IN EFI_DEVICE_PATH *DevicePath
+ );
+
VOID
EfiPrintProtocols(
IN EFI_HANDLE handle
@@ -448,6 +456,21 @@ DcsStrHexToBytes(
IN CHAR16 *str
);
+//////////////////////////////////////////////////////////////////////////
+// Keyboard Mapper
+//////////////////////////////////////////////////////////////////////////
+
+#define KB_MAP_QWERTY 0
+#define KB_MAP_QWERTZ 1
+#define KB_MAP_AZERTY 2
+
+extern int gKeyboardLayout;
+
+EFI_INPUT_KEY
+MapKeyboardKey(
+ EFI_INPUT_KEY key
+ );
+
//////////////////////////////////////////////////////////////////////////
// Menu
//////////////////////////////////////////////////////////////////////////
diff --git a/Include/Library/DcsCfgLib.h b/Include/Library/DcsCfgLib.h
index 875e2e2..cd3c9ea 100644
--- a/Include/Library/DcsCfgLib.h
+++ b/Include/Library/DcsCfgLib.h
@@ -5,8 +5,10 @@ Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
This program and the accompanying materials
are licensed and made available under the terms and conditions
-of the [to be defined License, Version]. The full text of the license may be found at
-[opensource license to be defined]
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
**/
#ifndef __DCSCFGLIB_H__
@@ -15,6 +17,7 @@ of the [to be defined License, Version]. The full text of the license may be fou
#include
#include "CommonLib.h"
+#include "../DeListDefines.h"
//////////////////////////////////////////////////////////////////////////
// DeList and GPT
@@ -34,9 +37,6 @@ of the [to be defined License, Version]. The full text of the license may be fou
0xDE94BBA4, 0x06D1, 0x06D1, { 0xA1, 0x6A, 0xBF, 0xD5, 0x01, 0x79, 0xD6, 0xAC } \
}
-typedef struct _DCS_DISK_ENTRY_LIST DCS_DISK_ENTRY_LIST;
-typedef struct _DCS_DEP_EXEC DCS_DEP_EXEC;
-
extern EFI_GUID gEfiPartTypeBasicDataPartGuid;
extern EFI_GUID gEfiPartTypeMsReservedPartGuid;
extern EFI_GUID gEfiPartTypeMsRecoveryPartGuid;
diff --git a/Include/Library/DcsIntLib.h b/Include/Library/DcsIntLib.h
new file mode 100644
index 0000000..1183abd
--- /dev/null
+++ b/Include/Library/DcsIntLib.h
@@ -0,0 +1,300 @@
+/** @file
+Library for DCS Block R/W interceptor
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#ifndef __DCSINTLIB_H__
+#define __DCSINTLIB_H__
+
+#include
+#include
+#include
+#include
+#include
+
+#define DCSINT_DRIVER_VERSION 1
+#define DCS_SIGNATURE_16(A, B) ((A) | (B << 8))
+#define DCS_SIGNATURE_32(A, B, C, D) (DCS_SIGNATURE_16 (A, B) | (DCS_SIGNATURE_16 (C, D) << 16))
+
+#define DCSINT_BLOCK_IO_SIGN DCS_SIGNATURE_32('D','C','S', 'I')
+
+extern EFI_COMPONENT_NAME_PROTOCOL gDcsIntComponentName;
+extern EFI_COMPONENT_NAME2_PROTOCOL gDcsIntComponentName2;
+
+typedef struct _DCSINT_MOUNT DCSINT_MOUNT, *PDCSINT_MOUNT;
+
+typedef struct _DCSINT_MOUNT
+{
+ EFI_DEVICE_PATH *DevicePath;
+
+ EFI_BLOCK_READ FilterRead;
+ EFI_BLOCK_WRITE FilterWrite;
+ VOID *FilterParams;
+
+ DCSINT_MOUNT *Next;
+
+} DCSINT_MOUNT, *PDCSINT_MOUNT;
+
+typedef struct _DCSINT_BLOCK_IO DCSINT_BLOCK_IO, *PDCSINT_BLOCK_IO;
+
+typedef struct _DCSINT_BLOCK_IO {
+ UINT32 Sign;
+ EFI_HANDLE Controller;
+
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ EFI_BLOCK_READ LowRead;
+ EFI_BLOCK_WRITE LowWrite;
+ //UINT32 IsReinstalled;
+ VOID *FilterParams;
+
+ DCSINT_BLOCK_IO* Next;
+} DCSINT_BLOCK_IO, *PDCSINT_BLOCK_IO;
+
+//
+// Functions for Driver Binding Protocol
+//
+
+/**
+ Check whether the controller is a supported.
+
+ @param This The driver binding protocol.
+ @param Controller The controller handle to check.
+ @param RemainingDevicePath The remaining device path.
+
+ @retval EFI_SUCCESS The driver supports this controller.
+ @retval other This device isn't supported.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsIntBindingSupported (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+ );
+
+/**
+ Starts the BlockIo device with this driver.
+
+ @param This The driver binding protocol.
+ @param Controller The Block MMIO device to start on
+ @param RemainingDevicePath The remaining device path.
+
+ @retval EFI_SUCCESS This driver supports this device.
+ @retval EFI_UNSUPPORTED This driver does not support this device.
+ @retval EFI_DEVICE_ERROR This driver cannot be started due to device Error.
+ @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
+ @retval EFI_ALREADY_STARTED This driver has been started.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsIntBindingStart (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+ );
+
+/**
+ Stop controlling the device.
+
+ @param This The driver binding
+ @param Controller The device controller controlled by the driver.
+ @param NumberOfChildren The number of children of this device
+ @param ChildHandleBuffer The buffer of children handle.
+
+ @retval EFI_SUCCESS The driver stopped from controlling the device.
+ @retval EFI_DEVICE_ERROR The device could not be stopped due to a device error.
+ @retval EFI_UNSUPPORTED Block I/O Protocol is not installed on Controller.
+ @retval Others Failed to stop the driver
+
+**/
+EFI_STATUS
+EFIAPI
+DcsIntBindingStop (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN UINTN NumberOfChildren,
+ IN EFI_HANDLE *ChildHandleBuffer
+ );
+
+//
+// Functions for Block I/O Protocol
+//
+
+//
+// EFI Component Name Functions
+//
+
+/**
+ Retrieves a Unicode string that is the user readable name of the driver.
+
+ This function retrieves the user readable name of a driver in the form of a
+ Unicode string. If the driver specified by This has a user readable name in
+ the language specified by Language, then a pointer to the driver name is
+ returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
+ by This does not support the language specified by Language,
+ then EFI_UNSUPPORTED is returned.
+
+ @param This A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
+ EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param Language A pointer to a Null-terminated ASCII string
+ array indicating the language. This is the
+ language of the driver name that the caller is
+ requesting, and it must match one of the
+ languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up
+ to the driver writer. Language is specified
+ in RFC 4646 or ISO 639-2 language code format.
+ @param DriverName A pointer to the Unicode string to return.
+ This Unicode string is the name of the
+ driver specified by This in the language
+ specified by Language.
+
+ @retval EFI_SUCCESS The Unicode string for the Driver specified by
+ This and the language specified by Language was
+ returned in DriverName.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER DriverName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support
+ the language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsIntComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ );
+
+/**
+ Retrieves a Unicode string that is the user readable name of the controller
+ that is being managed by a driver.
+
+ This function retrieves the user readable name of the controller specified by
+ ControllerHandle and ChildHandle in the form of a Unicode string. If the
+ driver specified by This has a user readable name in the language specified by
+ Language, then a pointer to the controller name is returned in ControllerName,
+ and EFI_SUCCESS is returned. If the driver specified by This is not currently
+ managing the controller specified by ControllerHandle and ChildHandle,
+ then EFI_UNSUPPORTED is returned. If the driver specified by This does not
+ support the language specified by Language, then EFI_UNSUPPORTED is returned.
+
+ @param This A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
+ EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param ControllerHandle The handle of a controller that the driver
+ specified by This is managing. This handle
+ specifies the controller whose name is to be
+ returned.
+ @param ChildHandle The handle of the child controller to retrieve
+ the name of. This is an optional parameter that
+ may be NULL. It will be NULL for device
+ drivers. It will also be NULL for a bus drivers
+ that wish to retrieve the name of the bus
+ controller. It will not be NULL for a bus
+ driver that wishes to retrieve the name of a
+ child controller.
+ @param Language A pointer to a Null-terminated ASCII string
+ array indicating the language. This is the
+ language of the driver name that the caller is
+ requesting, and it must match one of the
+ languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up
+ to the driver writer. Language is specified in
+ RFC 4646 or ISO 639-2 language code format.
+ @param ControllerName A pointer to the Unicode string to return.
+ This Unicode string is the name of the
+ controller specified by ControllerHandle and
+ ChildHandle in the language specified by
+ Language from the point of view of the driver
+ specified by This.
+
+ @retval EFI_SUCCESS The Unicode string for the user readable name in
+ the language specified by Language for the
+ driver specified by This was returned in
+ DriverName.
+ @retval EFI_INVALID_PARAMETER ControllerHandle is not a valid EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
+ EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER ControllerName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This is not currently
+ managing the controller specified by
+ ControllerHandle and ChildHandle.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support
+ the language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsIntComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ );
+
+/**
+ Adds a crypto mount point for a given device path
+
+ @param[in] DevicePath Device path
+ @param[in] FilterRead pointer to the reader function
+ @param[in] FilterWrite pointer to the writer function
+ @param[in] FilterParams pointer to a custom parameter object as needed by the reader/writer
+
+ @retval EFI_SUCCESS Success;
+ @retval EFI_OUT_OF_RESOURCES Memory full;
+
+**/
+EFI_STATUS
+AddCryptoMount(
+ IN EFI_DEVICE_PATH* DevicePath,
+ IN EFI_BLOCK_READ FilterRead,
+ IN EFI_BLOCK_WRITE FilterWrite,
+ IN VOID* FilterParams
+ );
+
+/**
+ Retrives a DCSINT_BLOCK_IO for given protocol
+
+ @param[in] protocol protocol to retrive the DCSINT_BLOCK_IO for
+
+ @retval DCSINT_BLOCK_IO found entry
+
+**/
+DCSINT_BLOCK_IO*
+GetBlockIoByProtocol(
+ IN EFI_BLOCK_IO_PROTOCOL* protocol
+ );
+
+/**
+ Install the block I/O filter
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The hook was installed successfully.
+ @retval other failed to install hook
+
+**/
+EFI_STATUS
+DscInstallHook(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ );
+
+
+
+#endif
+
diff --git a/Include/Library/GraphLib.h b/Include/Library/GraphLib.h
index 49cea5c..c3fe0d4 100644
--- a/Include/Library/GraphLib.h
+++ b/Include/Library/GraphLib.h
@@ -169,7 +169,8 @@ BltText(
IN INT32 x,
IN INT32 y,
IN INT32 scale, // 0..256 reduce 256... enlarge
- IN CONST CHAR8 *text);
+ IN CONST VOID *text,
+ IN BOOLEAN wide);
EFI_STATUS
diff --git a/Include/Library/PasswordLib.h b/Include/Library/PasswordLib.h
index cc77957..c08d0a4 100644
--- a/Include/Library/PasswordLib.h
+++ b/Include/Library/PasswordLib.h
@@ -3,6 +3,7 @@ Password library
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials are licensed and made available
under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
@@ -17,6 +18,10 @@ The full text of the license may be found at
#include
#include
+#define SET_VAR_CHAR(asciiLine, wide, pos, value) \
+ if (wide) ((CHAR16*)asciiLine)[pos] = (CHAR16)value; \
+ else ((CHAR8*)asciiLine)[pos] = (CHAR8)value;
+
extern CHAR16* gPasswordPictureFileName;
extern CHAR8* gPasswordPictureChars;
@@ -26,12 +31,14 @@ extern UINT8 gPasswordVisible;
extern UINT8 gPasswordProgress;
extern int gPasswordTimeout;
+extern int gPasswordHideLetters;
extern int gPasswordShowMark;
extern VOID* gPictPwdBmp;
extern UINTN gPictPwdBmpSize;
extern int gPlatformLocked;
extern int gTPMLocked;
+extern int gTPMLockedInfoDelay;
extern int gSCLocked;
enum AskPwdType {
@@ -44,6 +51,7 @@ enum AskPwdRetCode {
AskPwdRetCancel = 0,
AskPwdRetLogin = 1,
AskPwdRetChange = 2,
+ AskPwdForcePass = 3,
AskPwdRetTimeout
};
@@ -51,18 +59,20 @@ VOID
AskPictPwdInt(
IN UINTN pwdType,
IN UINTN pwdMax,
- OUT CHAR8* pwd,
+ OUT VOID* pwd,
OUT UINT32* pwdLen,
- OUT INT32* retCode
+ OUT INT32* retCode,
+ IN BOOLEAN wide
);
VOID
AskConsolePwdInt(
OUT UINT32 *length,
- OUT CHAR8 *asciiLine,
+ OUT VOID *asciiLine,
OUT INT32 *retCode,
- IN UINTN line_max,
- IN UINT8 show
+ IN UINTN length_max,
+ IN UINT8 show,
+ IN BOOLEAN wide
);
extern EFI_GUID* gSmbSystemUUID; // Universal unique ID
diff --git a/LegacySpeaker/LegacySpeaker.vcxproj b/LegacySpeaker/LegacySpeaker.vcxproj
new file mode 100644
index 0000000..60d4b51
--- /dev/null
+++ b/LegacySpeaker/LegacySpeaker.vcxproj
@@ -0,0 +1,100 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {5CC585F2-15E8-41FD-A679-0BDC6566992A}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ LegacySpeaker.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+ LegacySpeaker.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/LegacySpeaker/LegacySpeaker.vcxproj.filters b/LegacySpeaker/LegacySpeaker.vcxproj.filters
new file mode 100644
index 0000000..1d5520f
--- /dev/null
+++ b/LegacySpeaker/LegacySpeaker.vcxproj.filters
@@ -0,0 +1,41 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+
+
+ Resource Files
+
+
+
\ No newline at end of file
diff --git a/LegacySpeaker/LegacySpeaker.vcxproj.user b/LegacySpeaker/LegacySpeaker.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/LegacySpeaker/LegacySpeaker.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/CommonLib/CommonLib.inf b/Library/CommonLib/CommonLib.inf
index ec658d7..629dff9 100644
--- a/Library/CommonLib/CommonLib.inf
+++ b/Library/CommonLib/CommonLib.inf
@@ -31,6 +31,7 @@
EfiVar.c
EfiFile.c
EfiConsole.c
+ KbMapper.c
EfiAttrPrint.c
EfiBeep.c
EfiExec.c
diff --git a/Library/CommonLib/CommonLib.vcxproj b/Library/CommonLib/CommonLib.vcxproj
new file mode 100644
index 0000000..67654e8
--- /dev/null
+++ b/Library/CommonLib/CommonLib.vcxproj
@@ -0,0 +1,114 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {FD53F894-7B5A-495B-886F-4D4A26147767}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ CommonLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ CommonLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/CommonLib/CommonLib.vcxproj.filters b/Library/CommonLib/CommonLib.vcxproj.filters
new file mode 100644
index 0000000..d8e37e9
--- /dev/null
+++ b/Library/CommonLib/CommonLib.vcxproj.filters
@@ -0,0 +1,89 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+ {bb43c6fc-5b3e-403b-bbde-96889a09660d}
+
+
+ {9f3599ba-6e87-4363-9b0b-076a74a83175}
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+ Source Files\IA32
+
+
+ Source Files\X64
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/Library/CommonLib/CommonLib.vcxproj.user b/Library/CommonLib/CommonLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/CommonLib/CommonLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/CommonLib/EfiBio.c b/Library/CommonLib/EfiBio.c
index e6509f9..a04436f 100644
--- a/Library/CommonLib/EfiBio.c
+++ b/Library/CommonLib/EfiBio.c
@@ -39,6 +39,16 @@ EfiPrintDevicePath(
MEM_FREE(StrPath);
}
+VOID
+EfiPrintPath(
+ IN EFI_DEVICE_PATH *DevicePath)
+{
+ CHAR16 *StrPath;
+ StrPath = ConvertDevicePathToText(DevicePath, FALSE, FALSE);
+ OUT_PRINT(StrPath);
+ MEM_FREE(StrPath);
+}
+
VOID
EfiPrintProtocols(
IN EFI_HANDLE handle)
diff --git a/Library/CommonLib/EfiConsole.c b/Library/CommonLib/EfiConsole.c
index daf087f..32a5c3c 100644
--- a/Library/CommonLib/EfiConsole.c
+++ b/Library/CommonLib/EfiConsole.c
@@ -150,7 +150,7 @@ GetKey(void)
res1 = gBS->WaitForEvent(1, &gST->ConIn->WaitForKey, &EventIndex);
res2 = gST->ConIn->ReadKeyStroke(gST->ConIn, &key);
} while (EFI_ERROR(res1) || EFI_ERROR(res2));
- return key;
+ return MapKeyboardKey(key);
}
VOID
diff --git a/Library/CommonLib/KbMapper.c b/Library/CommonLib/KbMapper.c
new file mode 100644
index 0000000..2e5ce16
--- /dev/null
+++ b/Library/CommonLib/KbMapper.c
@@ -0,0 +1,53 @@
+/** @file
+EFI keyboard layout mapper
+
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials are licensed and made available
+under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include
+
+int gKeyboardLayout = 0;
+
+CHAR16 to_qwertz(CHAR16 c)
+{
+ switch (c) {
+ case L'y': return L'z';
+ case L'Y': return L'Z';
+ case L'z': return L'y';
+ case L'Z': return L'Y';
+ }
+ return c;
+}
+
+CHAR16 to_azerty(CHAR16 c)
+{
+ switch (c) {
+ case L'q': return L'a';
+ case L'Q': return L'A';
+ case L'w': return L'z';
+ case L'W': return L'Z';
+ case L'a': return L'q';
+ case L'A': return L'Q';
+ case L';': return L'm';
+ case L':': return L'M';
+ case L'z': return L'w';
+ case L'Z': return L'W';
+ }
+ return c;
+}
+
+EFI_INPUT_KEY MapKeyboardKey(EFI_INPUT_KEY key)
+{
+ switch (gKeyboardLayout)
+ {
+ case KB_MAP_QWERTZ: key.UnicodeChar = to_qwertz(key.UnicodeChar); break;
+ case KB_MAP_AZERTY: key.UnicodeChar = to_azerty(key.UnicodeChar); break;
+ }
+ return key;
+}
\ No newline at end of file
diff --git a/Library/DcsCfgLib/DcsCfgLib.inf b/Library/DcsCfgLib/DcsCfgLib.inf
index 2dd0aab..fa99bca 100644
--- a/Library/DcsCfgLib/DcsCfgLib.inf
+++ b/Library/DcsCfgLib/DcsCfgLib.inf
@@ -26,8 +26,11 @@
#
[Sources.common]
+common\Xml.c
+common\Xml.h
GptEdit.c
DcsRandom.c
+DcsConfig.c
[Sources.X64]
diff --git a/Library/DcsCfgLib/DcsCfgLib.vcxproj b/Library/DcsCfgLib/DcsCfgLib.vcxproj
new file mode 100644
index 0000000..9391c12
--- /dev/null
+++ b/Library/DcsCfgLib/DcsCfgLib.vcxproj
@@ -0,0 +1,103 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {925CEE89-F916-45FF-9F9A-07BD4B8A2CDF}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\CryptoPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\CryptoPkg\Include
+
+
+ DcsCfgLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\CryptoPkg\Include
+
+
+ DcsCfgLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include;F:\Projects\DCmod\edk2\CryptoPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/DcsCfgLib/DcsCfgLib.vcxproj.filters b/Library/DcsCfgLib/DcsCfgLib.vcxproj.filters
new file mode 100644
index 0000000..e8ed0a8
--- /dev/null
+++ b/Library/DcsCfgLib/DcsCfgLib.vcxproj.filters
@@ -0,0 +1,53 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+ {71c03cf8-12b4-40f7-893a-5025b72543cc}
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Common
+
+
+
+
+ Resource Files
+
+
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Common
+
+
+
\ No newline at end of file
diff --git a/Library/DcsCfgLib/DcsCfgLib.vcxproj.user b/Library/DcsCfgLib/DcsCfgLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/DcsCfgLib/DcsCfgLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/DcsCfgLib/DcsConfig.c b/Library/DcsCfgLib/DcsConfig.c
new file mode 100644
index 0000000..90d6bc0
--- /dev/null
+++ b/Library/DcsCfgLib/DcsConfig.c
@@ -0,0 +1,180 @@
+/** @file
+Interface for DCS
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the Apache License, Version 2.0.
+
+The full text of the license may be found at
+https://opensource.org/licenses/Apache-2.0
+**/
+
+#include
+#include
+
+#include
+#include "common/Xml.h"
+
+
+//////////////////////////////////////////////////////////////////////////
+// Config
+//////////////////////////////////////////////////////////////////////////
+CHAR16* gConfigFileName = NULL;
+
+char *gConfigBuffer = NULL;
+UINTN gConfigBufferSize = 0;
+char *gConfigBufferUpdated = NULL;
+UINTN gConfigBufferUpdatedSize = 0;
+
+BOOLEAN gConfigDebug = FALSE;
+BOOLEAN gExternMode = FALSE;
+
+BOOLEAN
+InitConfig(CHAR16* configFileName)
+{
+ EFI_STATUS res;
+
+ gConfigFileName = configFileName;
+
+ if (gConfigBuffer) return TRUE;
+ if (gConfigFileName == NULL) return FALSE;
+
+ res = FileLoad(NULL, gConfigFileName, &gConfigBuffer, &gConfigBufferSize);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Failed to load config file r%\n", res);
+ return FALSE;
+ }
+
+#ifdef DEBUG_BUILD
+ gConfigDebug = ConfigReadInt("VerboseDebug", 1) ? TRUE : FALSE;
+#else
+ gConfigDebug = ConfigReadInt("VerboseDebug", 0) ? TRUE : FALSE;
+#endif
+
+ return TRUE;
+}
+
+BOOLEAN
+ConfigRead(char *configKey, char *configValue, int maxValueSize)
+{
+ char *xml;
+
+ if (gConfigFileName == NULL) {
+ ERR_PRINT(L"Config was not initialized!\n");
+ //if (FileLoad(NULL, L"\\EFI\\VeraCrypt\\DcsProp", &gConfigBuffer, &gConfigBufferSize) != EFI_SUCCESS) {
+ return FALSE;
+ //}
+ }
+
+ xml = gConfigBufferUpdated != NULL? gConfigBufferUpdated : gConfigBuffer;
+ if (xml != NULL)
+ {
+ xml = XmlFindElementByAttributeValue(xml, "config", "key", configKey);
+ if (xml != NULL)
+ {
+ XmlGetNodeText(xml, configValue, maxValueSize);
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+int ConfigReadInt(char *configKey, int defaultValue)
+{
+ char s[32];
+ if (ConfigRead(configKey, s, sizeof(s))) {
+ if (*s == '-') {
+ return (-1) * (int)AsciiStrDecimalToUintn(&s[1]);
+ }
+ return (int)AsciiStrDecimalToUintn(s);
+ }
+ else
+ return defaultValue;
+}
+
+__int64 ConfigReadInt64(char *configKey, __int64 defaultValue)
+{
+ char s[32];
+ if (ConfigRead(configKey, s, sizeof(s))) {
+ if (*s == '-') {
+ return -(__int64)AsciiStrDecimalToUint64(&s[1]); // __allmul is not available
+ }
+ return (__int64)AsciiStrDecimalToUint64(s);
+ }
+ else
+ return defaultValue;
+}
+
+char *ConfigReadString(char *configKey, char *defaultValue, char *str, int maxLen)
+{
+ if (str == NULL) {
+ str = MEM_ALLOC(maxLen);
+ }
+
+ if (!ConfigRead(configKey, str, maxLen)) {
+ AsciiStrCpyS(str, maxLen, defaultValue);
+ }
+ return str;
+}
+
+CHAR16 *ConfigReadStringW(char *configKey, CHAR16 *defaultValue, CHAR16 *str, int maxLen)
+{
+ char* strTemp = NULL;
+
+ if (str == NULL) {
+ str = MEM_ALLOC(maxLen * sizeof(CHAR16));
+ }
+
+ strTemp = MEM_ALLOC(maxLen);
+ if (!ConfigRead(configKey, strTemp, maxLen)) {
+ StrCpyS(str, maxLen, defaultValue);
+ }
+ else {
+ AsciiStrToUnicodeStr(strTemp, str);
+ }
+ MEM_FREE(strTemp);
+
+ return str;
+}
+
+BOOLEAN
+InitParams()
+{
+ EFI_STATUS res;
+ CHAR16* cmd;
+ UINTN cmdSize;
+ UINT32 cmdAttr;
+
+ res = EfiGetVar(L"DcsExecMode", NULL, &cmd, &cmdSize, &cmdAttr);
+ if (!EFI_ERROR(res)) {
+ EfiSetVar(L"DcsExecMode", NULL, NULL, 0, cmdAttr); // clear variable
+ if (StrStr(cmd, OPT_EXTERN_KEY) != NULL) {
+ gExternMode = TRUE;
+ }
+ }
+
+ return TRUE;
+}
+
+
+void(*gCleanSensitiveData)(BOOLEAN) = NULL;
+
+VOID SetCleanSensitiveDataFunc(void(*cleanSensitiveData)(BOOLEAN))
+{
+ gCleanSensitiveData = cleanSensitiveData;
+}
+
+VOID CleanSensitiveData(BOOLEAN panic)
+{
+ if (!gCleanSensitiveData) {
+ // we can't print from here as in some cases (VirtualNotifyEvent) this will crash the system!!!
+ //ERR_PRINT(L"Can't Clean Sensitive Data from RAM!!!");
+ return;
+ }
+ gCleanSensitiveData(panic);
+}
diff --git a/Library/DcsCfgLib/GptEdit.c b/Library/DcsCfgLib/GptEdit.c
index 1cb2b35..243ad4b 100644
--- a/Library/DcsCfgLib/GptEdit.c
+++ b/Library/DcsCfgLib/GptEdit.c
@@ -20,9 +20,7 @@ The full text of the license may be found at
#include
#include
-
-#include
-#include
+#include
EFI_GUID gEfiPartTypeMsReservedPartGuid = EFI_PART_TYPE_MS_RESERVED_PART_GUID;
EFI_GUID gEfiPartTypeBasicDataPartGuid = EFI_PART_TYPE_BASIC_DATA_PART_GUID;
@@ -679,12 +677,12 @@ DeListExecEdit()
EFI_STATUS
DeListPwdCacheEdit()
{
- UINTN count;
- UINTN len;
- UINTN i;
- UINT32 crc = 0;
- Password pwd;
- UINTN pim;
+ UINTN count;
+ UINTN len;
+ UINTN i;
+ UINT32 crc = 0;
+ DePassword pwd;
+ UINTN pim;
EFI_STATUS res;
if (DePwdCache == NULL) {
DePwdCache = MEM_ALLOC(sizeof(*DePwdCache));
@@ -692,21 +690,21 @@ DeListPwdCacheEdit()
}
OUT_PRINT(L"PwdCache\n");
do {
- count = (uint32)AskUINTN("Count[0-4]:", DePwdCache->Count);
+ count = (UINT32)AskUINTN("Count[0-4]:", DePwdCache->Count);
} while (count > 4);
- DePwdCache->Count = (uint32)count;
+ DePwdCache->Count = (UINT32)count;
for (i = 0; i < 4; ++i) {
ZeroMem(&pwd, sizeof(pwd));
pim = 0;
if (i < DePwdCache->Count) {
OUT_PRINT(L"%H%d%N [%a] [%d]\n:", i, DePwdCache->Pwd[i].Text, DePwdCache->Pim[i]);
- GetLine(&len, NULL, pwd.Text, MAX_PASSWORD, 1);
+ GetLine(&len, NULL, pwd.Text, DE_MAX_PASSWORD, 1);
if (len != 0) {
- pwd.Length = (uint32)len;
- pim = (uint32)AskUINTN("Pim:", DePwdCache->Pim[i]);
+ pwd.Length = (UINT32)len;
+ pim = (UINT32)AskUINTN("Pim:", DePwdCache->Pim[i]);
}
}
- DePwdCache->Pim[i] = (uint32)pim;
+ DePwdCache->Pim[i] = (UINT32)pim;
CopyMem(&DePwdCache->Pwd[i], &pwd, sizeof(pwd));
}
ZeroMem(&DePwdCache->pad, sizeof(DePwdCache->pad));
diff --git a/Library/DcsCfgLib/common/Xml.c b/Library/DcsCfgLib/common/Xml.c
new file mode 100644
index 0000000..ea2f5fa
--- /dev/null
+++ b/Library/DcsCfgLib/common/Xml.c
@@ -0,0 +1,291 @@
+/*
+ Derived from source code of TrueCrypt 7.1a, which is
+ Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
+ by the TrueCrypt License 3.0.
+
+ Modifications and additions to the original source code (contained in this file)
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
+ and are governed by the Apache License 2.0 the full text of which is
+ contained in the file License.txt included in VeraCrypt binary and source
+ code distribution packages.
+*/
+#if !defined(_UEFI)
+#include
+#include
+#else
+#include
+#include
+#include
+
+typedef BOOLEAN BOOL;
+typedef UINTN size_t;
+typedef CHAR16 wchar_t;
+
+#define MAX_STRING_SIZE 0x1000
+#define wcscpy StrCpy
+#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))
+#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)
+#define strcmp AsciiStrCmp
+#define strcpy(strDest,strSource) AsciiStrCpyS(strDest,MAX_STRING_SIZE,strSource)
+#define strlen(str) (size_t)(AsciiStrnLenS(str,MAX_STRING_SIZE))
+#define strstr AsciiStrStr
+
+#pragma warning( disable : 4706 ) // assignment within conditional expression
+#endif
+#include "Xml.h"
+
+
+static BOOL BeginsWith (char *string, char *subString)
+{
+ while (*string++ == *subString++)
+ {
+ if (*subString == 0) return TRUE;
+ if (*string == 0) return FALSE;
+ }
+
+ return FALSE;
+}
+
+
+char *XmlNextNode (char *xmlNode)
+{
+ char *t = xmlNode + 1;
+ while ((t = strchr (t, '<')) != NULL)
+ {
+ if (t[1] != '/')
+ return t;
+
+ t++;
+ }
+
+ return NULL;
+}
+
+
+char *XmlFindElement (char *xmlNode, char *nodeName)
+{
+ char *t = xmlNode;
+ size_t nameLen = strlen (nodeName);
+
+ do
+ {
+ if (BeginsWith (t + 1, nodeName)
+ && (t[nameLen + 1] == '>'
+ || t[nameLen + 1] == ' ')) return t;
+
+ } while (t = XmlNextNode (t));
+
+ return NULL;
+}
+
+
+char *XmlFindElementByAttributeValue (char *xml, char *nodeName, const char *attrName, const char *attrValue)
+{
+ char attr[2048];
+
+ while (xml = XmlFindElement (xml, nodeName))
+ {
+ XmlGetAttributeText (xml, attrName, attr, sizeof (attr));
+ if (strcmp (attr, attrValue) == 0)
+ return xml;
+
+ xml++;
+ }
+
+ return NULL;
+}
+
+
+char *XmlGetAttributeText (char *xmlNode, const char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize)
+{
+ char *t = xmlNode;
+ char *e = xmlNode;
+ int l = 0;
+
+ xmlAttrValue[0] = 0;
+ if (t[0] != '<') return NULL;
+
+ e = strchr (e, '>');
+ if (e == NULL) return NULL;
+
+ while ((t = strstr (t, xmlAttrName)) && t < e)
+ {
+ char *o = t + strlen (xmlAttrName);
+ if (t[-1] == ' '
+ &&
+ (BeginsWith (o, "=\"")
+ || BeginsWith (o, "= \"")
+ || BeginsWith (o, " =\"")
+ || BeginsWith (o, " = \""))
+ )
+ break;
+
+ t++;
+ }
+
+ if (t == NULL || t > e) return NULL;
+
+ t = ((char*)strchr (t, '"')) + 1;
+ e = strchr (t, '"');
+ l = (int)(e - t);
+ if (e == NULL || l > xmlAttrValueSize) return NULL;
+
+ memcpy (xmlAttrValue, t, l);
+ xmlAttrValue[l] = 0;
+
+ return xmlAttrValue;
+}
+
+
+char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize)
+{
+ char *t = xmlNode;
+ char *e = xmlNode + 1;
+ int l = 0, i = 0, j = 0;
+
+ xmlText[0] = 0;
+
+ if (t[0] != '<')
+ return NULL;
+
+ t = (char*) strchr (t, '>');
+ if (t == NULL) return NULL;
+
+ t++;
+ e = strchr (e, '<');
+ if (e == NULL) return NULL;
+
+ l = (int)(e - t);
+ if (e == NULL || l > xmlTextSize) return NULL;
+
+ while (i < l)
+ {
+ if (BeginsWith (&t[i], "<"))
+ {
+ xmlText[j++] = '<';
+ i += 4;
+ continue;
+ }
+ if (BeginsWith (&t[i], ">"))
+ {
+ xmlText[j++] = '>';
+ i += 4;
+ continue;
+ }
+ if (BeginsWith (&t[i], "&"))
+ {
+ xmlText[j++] = '&';
+ i += 5;
+ continue;
+ }
+ xmlText[j++] = t[i++];
+ }
+ xmlText[j] = 0;
+
+ return t;
+}
+
+
+char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize)
+{
+ char *textDstLast = textDst + textDstMaxSize - 1;
+
+ if (textDstMaxSize == 0)
+ return NULL;
+
+ while (*textSrc != 0 && textDst <= textDstLast)
+ {
+ char c = *textSrc++;
+ switch (c)
+ {
+ case '&':
+ if (textDst + 6 > textDstLast)
+ return NULL;
+ strcpy (textDst, "&");
+ textDst += 5;
+ continue;
+
+ case '>':
+ if (textDst + 5 > textDstLast)
+ return NULL;
+ strcpy (textDst, ">");
+ textDst += 4;
+ continue;
+
+ case '<':
+ if (textDst + 5 > textDstLast)
+ return NULL;
+ strcpy (textDst, "<");
+ textDst += 4;
+ continue;
+
+ default:
+ *textDst++ = c;
+ }
+ }
+
+ if (textDst > textDstLast)
+ return NULL;
+
+ *textDst = 0;
+ return textDst;
+}
+
+wchar_t *XmlQuoteTextW (const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize)
+{
+ wchar_t *textDstLast = textDst + textDstMaxSize - 1;
+
+ if (textDstMaxSize == 0)
+ return NULL;
+
+ while (*textSrc != 0 && textDst <= textDstLast)
+ {
+ wchar_t c = *textSrc++;
+ switch (c)
+ {
+ case L'&':
+ if (textDst + 6 > textDstLast)
+ return NULL;
+ wcscpy (textDst, L"&");
+ textDst += 5;
+ continue;
+
+ case L'>':
+ if (textDst + 5 > textDstLast)
+ return NULL;
+ wcscpy (textDst, L">");
+ textDst += 4;
+ continue;
+
+ case L'<':
+ if (textDst + 5 > textDstLast)
+ return NULL;
+ wcscpy (textDst, L"<");
+ textDst += 4;
+ continue;
+
+ default:
+ *textDst++ = c;
+ }
+ }
+
+ if (textDst > textDstLast)
+ return NULL;
+
+ *textDst = 0;
+ return textDst;
+}
+
+#if !defined(_UEFI)
+#pragma warning( default : 4706 )
+int XmlWriteHeader (FILE *file)
+{
+ return fputws (L"\n", file);
+}
+
+
+int XmlWriteFooter (FILE *file)
+{
+ return fputws (L"\n", file);
+}
+#endif !defined(_UEFI)
diff --git a/Library/DcsCfgLib/common/Xml.h b/Library/DcsCfgLib/common/Xml.h
new file mode 100644
index 0000000..09b8543
--- /dev/null
+++ b/Library/DcsCfgLib/common/Xml.h
@@ -0,0 +1,32 @@
+/*
+ Derived from source code of TrueCrypt 7.1a, which is
+ Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
+ by the TrueCrypt License 3.0.
+
+ Modifications and additions to the original source code (contained in this file)
+ and all other portions of this file are Copyright (c) 2013-2017 IDRIX
+ and are governed by the Apache License 2.0 the full text of which is
+ contained in the file License.txt included in VeraCrypt binary and source
+ code distribution packages.
+*/
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+char *XmlNextNode (char *xmlNode);
+char *XmlFindElement (char *xmlNode, char *nodeName);
+char *XmlGetAttributeText (char *xmlNode, const char *xmlAttrName, char *xmlAttrValue, int xmlAttrValueSize);
+char *XmlGetNodeText (char *xmlNode, char *xmlText, int xmlTextSize);
+char *XmlFindElementByAttributeValue (char *xml, char *nodeName, const char *attrName, const char *attrValue);
+char *XmlQuoteText (const char *textSrc, char *textDst, int textDstMaxSize);
+
+#if !defined(_UEFI)
+wchar_t *XmlQuoteTextW(const wchar_t *textSrc, wchar_t *textDst, int textDstMaxSize);
+int XmlWriteHeader (FILE *file);
+int XmlWriteFooter (FILE *file);
+#endif !defined(_UEFI)
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/Library/DcsIntLib/DcsIntHook.c b/Library/DcsIntLib/DcsIntHook.c
new file mode 100644
index 0000000..8649b4e
--- /dev/null
+++ b/Library/DcsIntLib/DcsIntHook.c
@@ -0,0 +1,311 @@
+/** @file
+Block R/W interceptor
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+
+#if 0
+ #define TRC_HANDLE_PATH(msg,h) \
+ OUT_PRINT(msg); \
+ EfiPrintDevicePath(h); \
+ OUT_PRINT(L"\n")
+
+ #define TRC_DEVICE_PATH(msg,h) \
+ OUT_PRINT(msg); \
+ EfiPrintPath(h); \
+ OUT_PRINT(L"\n")
+#else
+ #define TRC_HANDLE_PATH(msg,h)
+ #define TRC_DEVICE_PATH(msg,h)
+#endif
+
+DCSINT_MOUNT* DcsIntMountFirst = NULL; //< List of mounts head
+DCSINT_BLOCK_IO* DcsIntBlockIoFirst = NULL; //< List of block I/O head
+
+EFI_DRIVER_BINDING_PROTOCOL g_DcsIntDriverBinding = {
+ DcsIntBindingSupported,
+ DcsIntBindingStart,
+ DcsIntBindingStop,
+ DCSINT_DRIVER_VERSION,
+ NULL,
+ NULL
+};
+
+void HaltPrint(const CHAR16* Msg)
+{
+ CleanSensitiveData(TRUE); // panic
+ Print(L"%s - system Halted\n", Msg);
+ EfiCpuHalt();
+}
+
+//////////////////////////////////////////////////////////////////////////
+// List of Mounts
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+AddCryptoMount(
+ IN EFI_DEVICE_PATH* DevicePath,
+ IN EFI_BLOCK_READ FilterRead,
+ IN EFI_BLOCK_WRITE FilterWrite,
+ IN VOID* FilterParams
+)
+{
+ DCSINT_MOUNT *DcsIntMount;
+
+ TRC_DEVICE_PATH(L"s:", DevicePath);
+
+ DcsIntMount = (DCSINT_MOUNT *)MEM_ALLOC(sizeof(DCSINT_MOUNT));
+ if (DcsIntMount == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ DcsIntMount->DevicePath = DevicePath;
+
+ DcsIntMount->FilterRead = FilterRead;
+ DcsIntMount->FilterWrite = FilterWrite;
+ DcsIntMount->FilterParams = FilterParams;
+
+ // add to global list
+ if (DcsIntMountFirst == NULL) {
+ DcsIntMountFirst = DcsIntMount;
+ DcsIntMountFirst->Next = NULL;
+ }
+ else {
+ DcsIntMount->Next = DcsIntMountFirst;
+ DcsIntMountFirst = DcsIntMount;
+ }
+
+ return EFI_SUCCESS;
+}
+
+DCSINT_MOUNT*
+GetMountByPath(
+ IN EFI_DEVICE_PATH *DevicePath)
+{
+ if (DevicePath == NULL) return NULL;
+ DCSINT_MOUNT *DcsIntMount = DcsIntMountFirst;
+ while (DcsIntMount != NULL) {
+ if (CompareMem(DevicePath, DcsIntMount->DevicePath, GetDevicePathSize(DcsIntMount->DevicePath)) == 0) {
+ return DcsIntMount;
+ }
+ DcsIntMount = DcsIntMount->Next;
+ }
+ return NULL;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// List of block I/O
+//////////////////////////////////////////////////////////////////////////
+DCSINT_BLOCK_IO*
+GetBlockIoByHandle(
+ IN EFI_HANDLE handle)
+{
+ DCSINT_BLOCK_IO *DcsIntBlockIo = DcsIntBlockIoFirst;
+ while (DcsIntBlockIo != NULL) {
+ if (DcsIntBlockIo->Controller == handle) {
+ return DcsIntBlockIo;
+ }
+ DcsIntBlockIo = DcsIntBlockIo->Next;
+ }
+ return NULL;
+}
+
+DCSINT_BLOCK_IO*
+GetBlockIoByProtocol(
+ IN EFI_BLOCK_IO_PROTOCOL* protocol)
+{
+ DCSINT_BLOCK_IO *DcsIntBlockIo = DcsIntBlockIoFirst;
+ while (DcsIntBlockIo != NULL) {
+ if (DcsIntBlockIo->BlockIo == protocol) {
+ return DcsIntBlockIo;
+ }
+ DcsIntBlockIo = DcsIntBlockIo->Next;
+ }
+ return NULL;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Block IO hook
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+IntBlockIo_Hook(
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller
+ )
+{
+ EFI_DEVICE_PATH *DevicePath;
+ DCSINT_MOUNT *DcsIntMount;
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ DCSINT_BLOCK_IO *DcsIntBlockIo = 0;
+ EFI_STATUS Status;
+// EFI_TPL Tpl;
+
+ // Already hook?
+ DcsIntBlockIo = GetBlockIoByHandle(Controller);
+ if (DcsIntBlockIo != NULL) {
+ return EFI_SUCCESS;
+ }
+
+ DevicePath = DevicePathFromHandle(Controller);
+
+ DcsIntMount = GetMountByPath(DevicePath);
+ if (DcsIntMount == NULL) {
+ ERR_PRINT(L"\nCan't get mount entry\n");
+ return EFI_NOT_FOUND;
+ }
+
+ Status = gBS->OpenProtocol(
+ Controller,
+ &gEfiBlockIoProtocolGuid,
+ (VOID**)&BlockIo,
+ This->DriverBindingHandle,
+ Controller,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL
+ );
+
+ if (!EFI_ERROR(Status)) {
+ // Check is this protocol already hooked
+ DcsIntBlockIo = (DCSINT_BLOCK_IO *)MEM_ALLOC(sizeof(DCSINT_BLOCK_IO));
+ if (DcsIntBlockIo == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ // construct new DcsIntBlockIo
+ DcsIntBlockIo->Sign = DCSINT_BLOCK_IO_SIGN;
+ DcsIntBlockIo->Controller = Controller;
+ DcsIntBlockIo->BlockIo = BlockIo;
+ //DcsIntBlockIo->IsReinstalled = 0;
+// Block
+// Tpl = gBS->RaiseTPL(TPL_NOTIFY);
+ // Install new routines
+ DcsIntBlockIo->FilterParams = DcsIntMount->FilterParams;
+ DcsIntBlockIo->LowRead = BlockIo->ReadBlocks;
+ DcsIntBlockIo->LowWrite = BlockIo->WriteBlocks;
+ BlockIo->ReadBlocks = DcsIntMount->FilterRead;
+ BlockIo->WriteBlocks = DcsIntMount->FilterWrite;
+
+ // close protocol before reinstall
+ gBS->CloseProtocol(
+ Controller,
+ &gEfiBlockIoProtocolGuid,
+ This->DriverBindingHandle,
+ Controller
+ );
+
+ // add to global list
+ if (DcsIntBlockIoFirst == NULL) {
+ DcsIntBlockIoFirst = DcsIntBlockIo;
+ DcsIntBlockIoFirst->Next = NULL;
+ }
+ else {
+ DcsIntBlockIo->Next = DcsIntBlockIoFirst;
+ DcsIntBlockIoFirst = DcsIntBlockIo;
+ }
+
+ // reinstall BlockIo protocol
+ //Status = gBS->ReinstallProtocolInterface( // Why does this result in windows boot hanging with a simple passthrough hook?
+ // Controller,
+ // &gEfiBlockIoProtocolGuid,
+ // BlockIo,
+ // BlockIo
+ //);
+
+// gBS->RestoreTPL(Tpl);
+ //DcsIntBlockIo->IsReinstalled = 1;
+
+ Status = EFI_SUCCESS;
+ }
+ return Status;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// DriverBinding routines
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+DcsIntBindingStart(
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+ )
+{
+ EFI_STATUS Status;
+
+ TRC_HANDLE_PATH(L"t: ", Controller);
+
+ // hook blockIo
+ Status = IntBlockIo_Hook(This, Controller);
+ if (EFI_ERROR(Status)) {
+ HaltPrint(L"IO Hook Failed");
+ }
+ return Status;
+}
+
+EFI_STATUS
+DcsIntBindingSupported(
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+ )
+{
+ EFI_DEVICE_PATH *DevicePath;
+
+ //TRC_HANDLE_PATH(L"b: ", Controller); // thats a lot
+
+ DevicePath = DevicePathFromHandle(Controller);
+ DCSINT_MOUNT* DcsIntMount = GetMountByPath(DevicePath);
+ if (DcsIntMount) {
+ DCSINT_BLOCK_IO* DcsIntBlockIo = NULL;
+ // Is installed?
+ DcsIntBlockIo = GetBlockIoByHandle(Controller);
+ if (DcsIntBlockIo != NULL) {
+ return EFI_UNSUPPORTED;
+ }
+ return EFI_SUCCESS;
+ }
+ return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+DcsIntBindingStop(
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE Controller,
+ IN UINTN NumberOfChildren,
+ IN EFI_HANDLE *ChildHandleBuffer
+ )
+{
+ TRC_HANDLE_PATH(L"p: ", Controller);
+ return EFI_SUCCESS;
+}
+
+EFI_STATUS
+DscInstallHook(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable)
+{
+ return EfiLibInstallDriverBindingComponentName2(
+ ImageHandle,
+ SystemTable,
+ &g_DcsIntDriverBinding,
+ ImageHandle,
+ &gDcsIntComponentName,
+ &gDcsIntComponentName2);
+
+ //Note: For the hook to be applyed ConnectAllEfi(); must be called.
+}
diff --git a/Library/DcsIntLib/DcsIntLib.inf b/Library/DcsIntLib/DcsIntLib.inf
new file mode 100644
index 0000000..ba0c91e
--- /dev/null
+++ b/Library/DcsIntLib/DcsIntLib.inf
@@ -0,0 +1,91 @@
+## @file
+# Library for DCS Block R/W interceptor
+#
+# Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+# Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+# Copyright (c) 2019. DiskCryptor, David Xanatos
+#
+# This program and the accompanying materials are licensed and made available
+# under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+#
+# The full text of the license may be found at
+# https://opensource.org/licenses/LGPL-3.0
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010006
+ BASE_NAME = DcsIntLib
+ MODULE_UNI_FILE = DcsIntLib.uni
+ FILE_GUID = 26D7760E-8276-4590-A88E-80739B0E73B5
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = DcsIntLib|DXE_DRIVER UEFI_APPLICATION UEFI_DRIVER
+
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources.common]
+ DcsIntName.c
+ DcsIntHook.c
+
+[Sources.X64]
+
+[Sources.IA32]
+
+[Packages]
+ MdePkg/MdePkg.dec
+ DcsPkg/DcsPkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ MemoryAllocationLib
+ UefiLib
+ RngLib
+ BaseCryptLib
+
+[Protocols]
+
+
+[BuildOptions.IA32]
+DEBUG_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /FAcs /D_UEFI
+RELEASE_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /FAcs /D_UEFI
+NOOPT_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /Od /FAcs /D_UEFI
+
+DEBUG_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /FAcs /D_UEFI
+RELEASE_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /FAcs /D_UEFI
+NOOPT_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /Od /FAcs /D_UEFI
+
+RELEASE_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+DEBUG_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+NOOPT_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+
+RELEASE_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+DEBUG_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+NOOPT_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+
+[BuildOptions.X64]
+DEBUG_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+DEBUG_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+DEBUG_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+RELEASE_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+
+RELEASE_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+
+RELEASE_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
diff --git a/Library/DcsIntLib/DcsIntLib.vcxproj b/Library/DcsIntLib/DcsIntLib.vcxproj
new file mode 100644
index 0000000..a22436a
--- /dev/null
+++ b/Library/DcsIntLib/DcsIntLib.vcxproj
@@ -0,0 +1,100 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {34205709-1C3A-43E9-A57C-5EBC5BBD2D89}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/DcsIntLib/DcsIntLib.vcxproj.filters b/Library/DcsIntLib/DcsIntLib.vcxproj.filters
new file mode 100644
index 0000000..567ad3c
--- /dev/null
+++ b/Library/DcsIntLib/DcsIntLib.vcxproj.filters
@@ -0,0 +1,35 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Resource Files
+
+
+
+
+ Header Files
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/DcsInt/DcsIntName.c b/Library/DcsIntLib/DcsIntName.c
similarity index 97%
rename from DcsInt/DcsIntName.c
rename to Library/DcsIntLib/DcsIntName.c
index ccf8698..cd9820e 100644
--- a/DcsInt/DcsIntName.c
+++ b/Library/DcsIntLib/DcsIntName.c
@@ -12,7 +12,7 @@ The full text of the license may be found at
https://opensource.org/licenses/LGPL-3.0
**/
-#include "DcsInt.h"
+#include
#include
#include
#include
diff --git a/Library/DcsTpmLib/DcsTpmLib.vcxproj b/Library/DcsTpmLib/DcsTpmLib.vcxproj
new file mode 100644
index 0000000..aaaf0ec
--- /dev/null
+++ b/Library/DcsTpmLib/DcsTpmLib.vcxproj
@@ -0,0 +1,98 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {AFE577D4-5CC8-4706-975C-7E0A4F6888E1}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+ DcsTpmLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+ DcsTpmLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/DcsTpmLib/DcsTpmLib.vcxproj.filters b/Library/DcsTpmLib/DcsTpmLib.vcxproj.filters
new file mode 100644
index 0000000..a1ce75c
--- /dev/null
+++ b/Library/DcsTpmLib/DcsTpmLib.vcxproj.filters
@@ -0,0 +1,35 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/Library/DcsTpmLib/DcsTpmLib.vcxproj.user b/Library/DcsTpmLib/DcsTpmLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/DcsTpmLib/DcsTpmLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/DcsDiskCryptor.c b/Library/DiskCryptorLib/DcsDiskCryptor.c
new file mode 100644
index 0000000..9ecaee7
--- /dev/null
+++ b/Library/DiskCryptorLib/DcsDiskCryptor.c
@@ -0,0 +1,869 @@
+/** @file
+Interface for DCS
+
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU General Public License, version 3.0 (GPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/GPL-3.0
+**/
+
+#include
+#include "DcsDiskCryptor.h"
+#include
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "include/boot/dc_header.h"
+#include "include/boot/boot_hook.h"
+#include "include/boot/dc_io.h"
+
+// X-TODO: support SECTOR_SIZE other than 512 byte
+
+typedef struct _DCRYPT_DISKIO
+{
+ EFI_DEVICE_PATH *DevicePath;
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ BOOLEAN Mount;
+ unsigned long DiskID;
+} DCRYPT_DISKIO, *PDCRYPT_DISKIO;
+
+DCRYPT_DISKIO* gDiskIo = NULL;
+int gDiskCount = 0;
+
+io_db iodb; // IO/Key Storage
+
+dc_pass gDCryptPassword; // entered password
+int gDCryptPwdCode = 1; // entry code
+int gDCryptAuthRetry = 100;
+UINT8 gDCryptFailOnTimeout = 0;
+
+UINT8 gDCryptBootMode = 0;
+CHAR8* gDCryptBootPartition = NULL;
+unsigned long gDCryptBootDiskID = 0;
+
+bd_data* bootDataBlock = NULL; // data to be passed to the windows driver
+
+VOID CleanSensitiveDataDC(BOOLEAN panic)
+{
+ MEM_BURN(&iodb, sizeof(iodb));
+
+ MEM_BURN(&gDCryptPassword, sizeof(gDCryptPassword));
+
+ if (panic && bootDataBlock != NULL) {
+ MEM_BURN(bootDataBlock, sizeof(*bootDataBlock));
+ }
+}
+
+//////////////////////////////////////////////////////////////////////////
+// DCrypt Boot params memory
+//////////////////////////////////////////////////////////////////////////
+
+EFI_STATUS PrepLegacyBootDataBlock()
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+ UINTN addr;
+
+ // Note: the legacy memory range is compatible with an unmodified dcrypt.sys but on some UEFI's its not free :/
+
+ if (bootDataBlock != NULL) return ret;
+
+ // select memory in range 500-640k
+ for (addr = 500*1024; addr < 640*1024; addr += PAGE_SIZE) {
+ ret = PrepareMemory(addr, sizeof(*bootDataBlock), &bootDataBlock);
+ if (!EFI_ERROR(ret)) {
+ break;
+ }
+ }
+
+ if (EFI_ERROR(ret)) {
+ return ret;
+ }
+
+ // set memory region to be zeroed by the driver
+ bootDataBlock->bd_size = sizeof(*bootDataBlock);
+ bootDataBlock->bd_base = (u32)addr;
+
+ return ret;
+}
+
+EFI_STATUS PrepareBootDataBlock()
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+ UINTN addr;
+
+ // Note: using the new ranges requirers a updated dcrypt.sys
+
+ if (bootDataBlock != NULL) return ret;
+
+ // select memory in range 1-16M in steps of 1M
+ for (addr = 0x00100000; addr <= 0x01000000; addr += (256 * PAGE_SIZE)) {
+ ret = PrepareMemory(addr, sizeof(*bootDataBlock), &bootDataBlock);
+ if (!EFI_ERROR(ret)) {
+ break;
+ }
+ }
+
+ if (EFI_ERROR(ret)) {
+ return ret;
+ }
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"DEBUG: bdb address 0x%08x\n", (u32)addr);
+ }
+
+ // set memory region to be zeroed by the driver
+ bootDataBlock->bd_size = sizeof(*bootDataBlock);
+ bootDataBlock->bd_base = (u32)addr;
+
+ return ret;
+}
+
+EFI_STATUS SetBootDataBlock()
+{
+ if (bootDataBlock == NULL)
+ return EFI_UNSUPPORTED;
+
+ // setup boot data block signature
+ bootDataBlock->sign1 = BDB_SIGN1;
+ bootDataBlock->sign2 = BDB_SIGN2;
+
+ // memory region gets already set by PrepareBootDataBlock
+
+ // set password
+ bootDataBlock->password.size = gDCryptPassword.size; // in bytes
+ CopyMem(bootDataBlock->password.pass, gDCryptPassword.pass, bootDataBlock->password.size);
+
+ // set original realmode interrupt values to be restored, does nothing when old_int13 is 0
+ //bootDataBlock->old_int13 = 0;
+ //bootDataBlock->old_int15 = 0;
+
+ // Note: all other bdb values are ignored by the windows driver
+
+ return EFI_SUCCESS;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Read/Write
+//////////////////////////////////////////////////////////////////////////
+int hdd_io(int hdd_n, void *buff, u16 sectors, u64 start, int read)
+{
+ EFI_STATUS Status;
+ DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
+ PDCRYPT_DISKIO DCryptDisk = NULL;
+
+ DCryptDisk = GetDiskByNumber(hdd_n);
+
+ DcsIntBlockIo = DCryptDisk ? GetBlockIoByProtocol(DCryptDisk->BlockIo) : NULL;
+ if (DcsIntBlockIo == NULL) {
+ ERR_PRINT(L"\nhdd_io Failed to get BlockIo\n");
+ return 0;
+ }
+
+ //Print(L"This[0x%x] mid %x BlockIO: lba=%lld, size=%d %r\n", 0, _MediaId, start, sectors * SECTOR_SIZE, 0);
+ if (read)
+ Status = DcsIntBlockIo->LowRead(DcsIntBlockIo->BlockIo, DcsIntBlockIo->BlockIo->Media->MediaId, start, sectors * SECTOR_SIZE, buff);
+ else
+ Status = DcsIntBlockIo->LowWrite(DcsIntBlockIo->BlockIo, DcsIntBlockIo->BlockIo->Media->MediaId, start, sectors * SECTOR_SIZE, buff);
+ return EFI_ERROR(Status) ? 0 : 1;
+}
+
+EFI_STATUS
+DCBlockIO_Write(
+ IN EFI_BLOCK_IO_PROTOCOL *This,
+ IN UINT32 MediaId,
+ IN EFI_LBA Lba,
+ IN UINTN BufferSize,
+ IN VOID *Buffer
+ )
+{
+ EFI_STATUS Status = EFI_SUCCESS;
+ DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
+ VOID *writeBuff;
+
+ DcsIntBlockIo = GetBlockIoByProtocol(This);
+ if (DcsIntBlockIo == NULL)
+ return EFI_NOT_FOUND;
+
+ // use a copy of the buffer to not change the inout buffer, although it works without that also
+ writeBuff = MEM_ALLOC(BufferSize);
+ if (writeBuff == NULL)
+ return EFI_BAD_BUFFER_SIZE;
+ CopyMem(writeBuff, Buffer, BufferSize);
+
+ //Print(L"This[0x%x] mid %x Write: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
+ //Print(L"*");
+ //if (!hdd_io((int)(UINTN)DcsIntBlockIo->FilterParams, writeBuff, (u16)(BufferSize / SECTOR_SIZE), Lba, 0))
+ if (!dc_disk_io((int)(UINTN)DcsIntBlockIo->FilterParams, writeBuff, (u16)(BufferSize / SECTOR_SIZE), Lba, 0))
+ Status = EFI_DEVICE_ERROR;
+
+ MEM_FREE(writeBuff);
+
+ return Status;
+}
+
+EFI_STATUS
+DCBlockIO_Read(
+ IN EFI_BLOCK_IO_PROTOCOL *This,
+ IN UINT32 MediaId,
+ IN EFI_LBA Lba,
+ IN UINTN BufferSize,
+ OUT VOID *Buffer
+ )
+{
+ EFI_STATUS Status = EFI_SUCCESS;
+ DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
+
+ DcsIntBlockIo = GetBlockIoByProtocol(This);
+ if (DcsIntBlockIo == NULL)
+ return EFI_NOT_FOUND;
+
+ //Print(L"This[0x%x] mid %x ReadBlock: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
+ //Print(L".");
+ //if(!hdd_io((int)(UINTN)DcsIntBlockIo->FilterParams, Buffer, (u16)(BufferSize / SECTOR_SIZE), Lba, 1))
+ if(!dc_disk_io((int)(UINTN)DcsIntBlockIo->FilterParams, Buffer, (u16)(BufferSize / SECTOR_SIZE), Lba, 1))
+ Status = EFI_DEVICE_ERROR;
+
+ return Status;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Mounting
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+EnumDisks()
+{
+ UINTN i, j;
+ UINTN count = 0;
+ UINTN count2 = 0;
+
+ for (i = 0; i < gBIOCount; ++i) {
+ if (!EfiIsPartition(gBIOHandles[i])) count++;
+ else count2++;
+ }
+
+ if (count == 0)
+ return EFI_NOT_FOUND;
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"DEBUG: found %d disks and %d partitions\n", count, count2);
+ }
+
+ gDiskCount = (int)count;
+ gDiskIo = MEM_ALLOC(sizeof(DCRYPT_DISKIO) * gDiskCount);
+ if (gDiskIo == NULL)
+ return EFI_OUT_OF_RESOURCES;
+
+ for (i = 0, j = 0; i < gBIOCount; ++i) {
+ if (!EfiIsPartition(gBIOHandles[i])) {
+ gDiskIo[j].DevicePath = DevicePathFromHandle(gBIOHandles[i]);
+ gDiskIo[j].BlockIo = EfiGetBlockIO(gBIOHandles[i]);
+ gDiskIo[j].DiskID = 0;
+ gDiskIo[j++].Mount = FALSE;
+ }
+ }
+
+ return EFI_SUCCESS;
+}
+
+int
+FindDiskNumber(EFI_DEVICE_PATH* disk)
+{
+ for (int i = 0; i <= gDiskCount; i++) {
+ if (CompareMem(disk, gDiskIo[i].DevicePath, GetDevicePathSize(gDiskIo[i].DevicePath)) == 0) {
+ return (i + 1); // disk numbers start at 1, 0 means invalid
+ }
+ }
+ return 0;
+}
+
+PDCRYPT_DISKIO
+GetDiskByNumber(int number)
+{
+ if (number == 0 || number > gDiskCount)
+ return NULL;
+ return &gDiskIo[number - 1];
+}
+
+EFI_STATUS
+PartitionTryDecrypt()
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+ UINTN i;
+ HARDDRIVE_DEVICE_PATH part;
+ EFI_HANDLE disk;
+ EFI_DEVICE_PATH* disk_path;
+ DCRYPT_DISKIO* dc_disk;
+ int disk_num;
+ int found = 0;
+ int retry = gDCryptAuthRetry;
+
+ do {
+ // password prompt
+ MEM_BURN(&gDCryptPassword, sizeof(gDCryptPassword)); // zero memory
+ DCAskPwd(AskPwdLogin, &gDCryptPassword);
+
+ if (gDCryptPwdCode == AskPwdRetCancel) {
+ return EFI_DCS_USER_CANCELED;
+ }
+ if (gDCryptPwdCode == AskPwdRetTimeout) {
+ if (gDCryptFailOnTimeout) {
+ break;
+ }
+ return EFI_DCS_USER_TIMEOUT;
+ }
+
+ OUT_PRINT(L"%a\n", gDCryptStartMsg);
+
+ dc_header header;
+ mount_inf *mount;
+
+ // check all partitions if the password works for one
+ for (i = 0; i < gBIOCount; ++i) {
+
+ ret = EfiGetPartDetails(gBIOHandles[i], &part, &disk);
+ if (EFI_ERROR(ret)) continue; // means its not a partition same as EfiIsPartition() == FALSE
+
+ disk_path = DevicePathFromHandle(disk);
+ disk_num = FindDiskNumber(disk_path);
+
+ dc_disk = GetDiskByNumber(disk_num);
+
+ ret = dc_disk ? dc_disk->BlockIo->ReadBlocks(dc_disk->BlockIo, dc_disk->BlockIo->Media->MediaId, part.PartitionStart, DC_AREA_SIZE, (UINT8*)&header) : EFI_NOT_FOUND;
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Can't read partition starting at %llu\n", part.PartitionStart);
+ continue;
+ }
+
+ if (dc_decrypt_header(&header, &gDCryptPassword) == 0) {
+ continue;
+ }
+ found++;
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"Found Encrypted Partition ");
+ OUT_PRINT(L"%d", part.PartitionNumber);
+ //EfiPrintPath(disk_path);
+ OUT_PRINT(L" on disk %d\n", disk_num);
+ }
+
+ if ( (iodb.n_mount >= MOUNT_MAX) ||
+ (iodb.n_key >= MOUNT_MAX - ((header.flags & VF_REENCRYPT) != 0)) ||
+ (disk_num > 255) ) // hdd_n is only u8
+ {
+ ERR_PRINT(L"Not enough memory to mount all partitions\n");
+ continue;
+ }
+ mount = &iodb.p_mount[iodb.n_mount];
+
+ mount->hdd_n = (u8)disk_num;
+ mount->begin = part.PartitionStart;
+ mount->end = part.PartitionStart + part.PartitionSize;
+ mount->size = part.PartitionSize;
+
+ mount->flags = header.flags;
+ mount->tmp_size = header.tmp_size / SECTOR_SIZE;
+ mount->stor_off = header.stor_off / SECTOR_SIZE;
+ mount->disk_id = header.disk_id;
+
+ mount->d_key = &iodb.p_key[iodb.n_key++];
+ mount->d_key->alg = (u8)header.alg_1;
+ autocpy(mount->d_key->key, header.key_1, PKCS_DERIVE_MAX);
+
+ if (header.flags & VF_REENCRYPT) {
+ mount->o_key = &iodb.p_key[iodb.n_key++];
+ mount->o_key->alg = (u8)header.alg_2;
+ autocpy(mount->o_key->key, header.key_2, PKCS_DERIVE_MAX);
+ }
+
+ gDiskIo[disk_num - 1].DiskID = header.disk_id;
+ gDiskIo[disk_num - 1].Mount = TRUE;
+ iodb.n_mount++;
+ }
+
+ // clear data
+ MEM_BURN(&header, sizeof(dc_header));
+
+ if (found > 0 || gDCryptPwdCode == AskPwdForcePass) {
+ OUT_PRINT(L"%a\n", gDCryptSuccessMsg);
+ return EFI_SUCCESS;
+ }
+ else {
+ ERR_PRINT(L"%a\n", gDCryptErrorMsg);
+ // clear previous failed authentication information
+ //MEM_BURN(&gDCryptPassword, sizeof(gDCryptPassword));
+ }
+
+ } while (--retry > 0);
+
+ return RETURN_ABORTED;
+}
+
+EFI_STATUS
+MountDisks(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable)
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+
+ if (iodb.n_mount == 0) return ret; // nothign to do just exit
+
+ for (int i = 0; i < gDiskCount; i++) {
+ if (gDiskIo[i].Mount) {
+ if (gConfigDebug) {
+ OUT_PRINT(L"Preparing hooking for disk %d\n", i + 1);
+ }
+ ret = AddCryptoMount(gDiskIo[i].DevicePath, DCBlockIO_Read, DCBlockIO_Write, (VOID*)(UINTN)(i + 1));
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Mount %r\n", ret);
+ }
+ }
+ }
+
+ ret = DscInstallHook(ImageHandle, SystemTable);
+ return ret;
+}
+
+EFI_STATUS
+SelectBootPartition()
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+ EFI_GUID guid;
+
+ if (gDCryptBootPartition[0] != L'\0')
+ {
+ DcsAsciiStrToGuid(&guid, gDCryptBootPartition);
+ EFI_HANDLE h;
+ ret = EfiFindPartByGUID(&guid, &h);
+ if (!EFI_ERROR(ret)) {
+ EfiSetVar(L"DcsExecPartGuid", NULL, &guid, sizeof(EFI_GUID), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ //EfiSetVar(L"DcsExecCmd", NULL, &ExecCmd, (StrLen((CHAR16*)&ExecCmd) + 1) * 2, EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ return EFI_SUCCESS;
+ }
+ }
+
+ if (gDCryptBootMode == BT_MBR_BOOT) {
+ ret = EfiGetPartGUID(gFileRootHandle, &guid);
+ }
+ else
+ {
+ BOOLEAN found = FALSE;
+
+ for (int d = 0; d < gDiskCount && !found; d++) {
+ DCRYPT_DISKIO* dc_disk = &gDiskIo[d];
+ EFI_PARTITION_TABLE_HEADER *gptHdr = NULL;
+ EFI_PARTITION_ENTRY *gptEntry = NULL;
+ // Note: we are testing only EFI partitions here as windows can't boot in EFI mode from a MBR disk
+ if (dc_disk->BlockIo != NULL &&
+ !EFI_ERROR(ret = GptReadHeader(dc_disk->BlockIo, 1, &gptHdr)) &&
+ !EFI_ERROR(ret = GptReadEntryArray(dc_disk->BlockIo, gptHdr, &gptEntry)))
+ {
+ for (UINT32 i = 0; i < gptHdr->NumberOfPartitionEntries; ++i) {
+ if (CompareGuid(&gptEntry[i].PartitionTypeGUID, &gEfiPartTypeSystemPartGuid)) {
+ if (gDCryptBootMode == BT_AP_PASSWORD) {
+ if (dc_disk->Mount == FALSE) continue;
+ }
+ if (gDCryptBootMode == BT_DISK_ID) {
+ if(dc_disk->DiskID != gDCryptBootDiskID) continue;
+ }
+ // else if (gDCryptBootMode == BT_MBR_FIRST)
+ CopyGuid(&guid, &gptEntry[i].UniquePartitionGUID);
+ found = TRUE;
+ }
+ }
+ }
+ }
+
+ if (!found) {
+ ERR_PRINT(L"Failed to find boot partition\n");
+ ret = EFI_NOT_FOUND;
+ }
+ }
+
+ if (EFI_ERROR(ret)) {
+ return ret;
+ }
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"Selected boot partition: %g\n", &guid);
+ }
+
+ EfiSetVar(L"DcsExecPartGuid", NULL, &guid, sizeof(EFI_GUID), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ //EfiSetVar(L"DcsExecCmd", NULL, &ExecCmd, (StrLen((CHAR16*)&ExecCmd) + 1) * 2, EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ return EFI_SUCCESS;
+}
+
+typedef struct _ldr_version {
+ unsigned long sign1; // signature to search for bootloader in memory
+ unsigned long sign2; // signature to search for bootloader in memory
+ unsigned long ldr_ver; // bootloader version
+} ldr_version;
+
+#define CFG_SIGN1 0x1434A669
+#define CFG_SIGN2 0x7269DA46
+
+ldr_version ver = {
+ CFG_SIGN1, CFG_SIGN2,
+ DCS_VERSION
+};
+
+
+//////////////////////////////////////////////////////////////////////////
+// DiskCryptor Entry Point
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+DcsDiskCryptor(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable)
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+
+ if (gConfigDebug) {
+ OUT_PRINT(L"DiskCryptor UEFI bootloader version: %d.%02d\n", ver.ldr_ver / 100, ver.ldr_ver % 100);
+ }
+
+ // setup clear data inplementation callabck
+ SetCleanSensitiveDataFunc(CleanSensitiveDataDC);
+
+ // Load auth parameters
+ DCAuthLoadConfig();
+
+ // init structs
+ zeroauto(&iodb, sizeof(iodb));
+
+ // init crypto
+ xts_init(0/*conf.options & OP_HW_CRYPTO*/);
+
+ // enum disks
+ ret = EnumDisks();
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"No disks found: %r\n", ret);
+ return ret;
+ }
+
+ // prepare memory for boot data
+ ret = PrepareBootDataBlock();
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Failed to allocate required memory range for boot params: %r\n", ret);
+ return ret;
+ }
+
+ // prompt for password nd try decrypt partitions
+ ret = PartitionTryDecrypt();
+ // Reset Console buffer
+ gST->ConIn->Reset(gST->ConIn, FALSE);
+
+ if (EFI_ERROR(ret)) {
+ return ret; // returning error will trigger clearence of sensitive data
+ }
+
+ // set boot data values
+ ret = SetBootDataBlock();
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Can not set boot params for driver: %r\n", ret);
+ return ret;
+ }
+
+ // after have set up iodb and gDCryptPassword we dont longer need the password, so clear it from memory
+ MEM_BURN(&gDCryptPassword, sizeof(gDCryptPassword));
+
+ // Install hooks
+ ret = MountDisks(ImageHandle, SystemTable);
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Bind %r\n", ret);
+ return ret;
+ }
+
+ // Select boot partition
+ ret = SelectBootPartition();
+ if (EFI_ERROR(ret)) {
+ ERR_PRINT(L"Select %r\n", ret);
+ return ret;
+ }
+
+ return EFI_SUCCESS;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// UI section
+//////////////////////////////////////////////////////////////////////////
+
+int gDCryptTouchInput = 0;
+UINT8 gDCryptAutoLogin = 0;
+CHAR16* gDCryptAutoPassword = L"\0";
+CHAR16* gDCryptKeyFilePath = L"\0";
+
+char* gDCryptPasswordMsg = NULL;
+char* gDCryptStartMsg = NULL;
+char* gDCryptSuccessMsg = NULL;
+char* gDCryptErrorMsg = NULL;
+
+VOID DCAuthLoadConfig()
+{
+// Main:
+ // Keyboard Layout
+ // QWERTY 0
+ // QWERTZ 1
+ // AZERTY 2
+ gKeyboardLayout = ConfigReadInt("KeyboardLayout", 0);
+
+ // Booting Method
+ // First disk MBR // BT_MBR_FIRST 2
+ // First partition with appropriate password // BT_AP_PASSWORD 4
+ // Specified partition // BT_DISK_ID 5
+ // (Boot disk MBR) // BT_MBR_BOOT 1 // default
+ // (Active partition) // BT_ACTIVE 3 // not supported in EFI mode
+ gDCryptBootMode = (UINT8)ConfigReadInt("BootMode", 1);
+ if (gDCryptBootMode == BT_ACTIVE || (gDCryptBootMode == BT_MBR_BOOT && gExternMode)) {
+ gDCryptBootMode = BT_AP_PASSWORD;
+ }
+ gDCryptBootDiskID = (unsigned int)ConfigReadInt64("BootDiskID", 0);
+ gDCryptBootPartition = ConfigReadString("BootPartition", "", NULL, 36 + 1); // new
+
+// Authentication:
+ // Authenticaltion Method
+ // Password and bootauth keyfile 3
+ // Password request 1
+ // Embedded bootauth keyfile 2
+ gDCryptAutoLogin = (UINT8)ConfigReadInt("AutoLogin", 0); // set 1 and keep AutoPassword empty for key file only
+ gDCryptAutoPassword = ConfigReadStringW("AutoPassword", L"", NULL, MAX_PASSWORD + 1);
+ gDCryptKeyFilePath = ConfigReadStringW("KeyFilePath", L"", NULL, MAX_MSG);
+
+ // Picture Password - new
+ gDCryptTouchInput = ConfigReadInt("TouchInput", 0);
+ gPasswordPictureFileName = ConfigReadStringW("PasswordPicture", L"\\EFI\\" DCS_DIRECTORY L"\\login.bmp", NULL, MAX_MSG); // h1630 v1090
+ gPasswordPictureChars = ConfigReadString("PictureChars", gPasswordPictureCharsDefault, NULL, MAX_MSG);
+ gPasswordPictureCharsLen = AsciiStrnLenS(gPasswordPictureChars, MAX_MSG);
+ gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0); // show chars
+ gPasswordHideLetters = ConfigReadInt("PasswordHideLetters", 0); // always show letters in touch points
+ gPasswordShowMark = ConfigReadInt("AuthorizeMarkTouch", 0); // show touch points
+
+ //
+ //gPlatformLocked = ConfigReadInt("PlatformLocked", 0); // extern
+ //gTPMLocked = ConfigReadInt("TPMLocked", 0); // extern
+ //gTPMLockedInfoDelay = ConfigReadInt("TPMLockedInfoDelay", 9); // extern
+ //gSCLocked = ConfigReadInt("SCLocked", 0); // extern
+
+ // Password Prompt Message
+ gDCryptPasswordMsg = ConfigReadString("PasswordMsg", "Enter password:", NULL, MAX_MSG);
+
+ // Display Entered Password * or hide completly
+ gPasswordProgress = (UINT8)ConfigReadInt("AuthorizeProgress", 1); // print "*"
+
+ // Authentication TimeOut
+ gPasswordTimeout = (UINT8)ConfigReadInt("PasswordTimeout", 180); // If no password for =>
+ // cancel timeout when any key pressed [ ] - DCS always behaves this way
+
+ // Trying password message - new
+ gDCryptStartMsg = MEM_ALLOC(MAX_MSG);
+ ConfigReadString("AuthStartMsg", "Authorizing...", gDCryptStartMsg, MAX_MSG);
+
+ // Success message - new
+ gDCryptSuccessMsg = MEM_ALLOC(MAX_MSG);
+ ConfigReadString("AuthSuccessMsg", "Password correct", gDCryptSuccessMsg, MAX_MSG);
+
+// Invalid Password:
+ // use incorrect action if no password entered [ ]
+ gDCryptFailOnTimeout = (UINT8)ConfigReadInt("FailOnTimeout", 0);
+
+ // Invalid Password message
+ gDCryptErrorMsg = MEM_ALLOC(MAX_MSG);
+ ConfigReadString("AuthFailedMsg", "Password incorrect", gDCryptErrorMsg, MAX_MSG);
+
+ // Invalid Password action ConfigReadString("ActionFailed", ...
+ // Halt system "halt" EFI_DCS_HALT_REQUESTED
+ // Reboot system "reboot" EFI_DCS_REBOOT_REQUESTED
+ // Boot from active partition "cancel" EFI_DCS_USER_CANCELED
+ // Exit to BIOS
+ // Retry authentication "exit" && gDCryptAuthRetry > 0; else gDCryptAuthRetry == 0;
+ // Load Boot Disk MBR "cancel" EFI_DCS_USER_CANCELED
+ // "shutdown" EFI_DCS_SHUTDOWN_REQUESTED
+
+ // Authentication Tries - new
+ gDCryptAuthRetry = ConfigReadInt("AuthorizeRetry", 100);
+
+}
+
+VOID DCAskPwd(IN UINTN pwdType, OUT dc_pass* dcPwd)
+{
+ BOOLEAN pwdReady;
+
+ do {
+ pwdReady = TRUE;
+ /*if (pwdType == AskPwdNew) {
+ EFI_INPUT_KEY key;
+ key = KeyWait(L"Press 'c' to configure, others to skip %1d\r", 9, 0, 0);
+ if (key.UnicodeChar == 'c') {
+ PMENU_ITEM item = NULL;
+ EFI_STATUS res;
+ OUT_PRINT(L"\n%V%a %a configuration%N\n", DC_APP_NAME, DC_PRODUCT_VER);
+ if (gCfgMenu == NULL) CfgMenuCreate();
+ do {
+ DcsMenuPrint(gCfgMenu);
+ item = NULL;
+ key.UnicodeChar = 0;
+ while (item == NULL) {
+ item = gCfgMenu;
+ key = GetKey();
+ while (item != NULL) {
+ if (item->Select == key.UnicodeChar) break;
+ item = item->Next;
+ }
+ }
+ OUT_PRINT(L"%c\n", key.UnicodeChar);
+ res = item->Action(item->Context);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"%r\n", res);
+ }
+ } while (gCfgMenuContinue);
+ if ((gDCryptPwdCode == AskPwdRetCancel) || (gDCryptPwdCode == AskPwdRetTimeout)) {
+ return;
+ }
+ }
+ }*/
+
+ if (gDCryptAutoLogin) {
+ gDCryptAutoLogin = 0;
+ gDCryptPwdCode = AskPwdRetLogin;
+ if (!EFI_ERROR(StrCpyS(dcPwd->pass, MAX_PASSWORD, gDCryptAutoPassword))) {
+ dcPwd->size = (int)StrLen(gDCryptAutoPassword);
+ }
+ }
+ else {
+ if (gDCryptTouchInput == 1 &&
+ gGraphOut != NULL &&
+ ((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
+ AskPictPwdInt(pwdType, sizeof(dcPwd->pass), dcPwd->pass, &dcPwd->size, &gDCryptPwdCode, TRUE);
+ }
+ else {
+ /*switch (pwdType) {
+ case AskPwdNew:
+ OUT_PRINT(L"New password:");
+ break;
+ case AskPwdConfirm:
+ OUT_PRINT(L"Confirm password:");
+ break;
+ case AskPwdLogin:
+ default:*/
+ OUT_PRINT(L"%a", gDCryptPasswordMsg);
+ /* break;
+ }*/
+ AskConsolePwdInt(&dcPwd->size, dcPwd->pass, &gDCryptPwdCode, sizeof(dcPwd->pass), gPasswordVisible, TRUE);
+ }
+
+ if ((gDCryptPwdCode == AskPwdRetCancel) || (gDCryptPwdCode == AskPwdRetTimeout)) {
+ return;
+ }
+ }
+
+ if (gDCryptKeyFilePath[0] != L'\0') {
+ EFI_STATUS ret = DCApplyKeyFile(dcPwd, gDCryptKeyFilePath);
+ if (EFI_ERROR(ret)){
+ ERR_PRINT(L"Failed to apply KeyFile: %r\n", ret);
+ gDCryptPwdCode = AskPwdRetCancel;
+ }
+ }
+
+ /*
+ if (gSCLocked) {
+ ERR_PRINT(L"Smart card is not configured\n");
+ }
+
+ if (gPlatformLocked) {
+ if (gPlatformKeyFile == NULL) {
+ ERR_PRINT(L"Platform key file is absent\n");
+ }
+ else {
+ ApplyKeyFile(dcPwd, gPlatformKeyFile, gPlatformKeyFileSize);
+ }
+ }
+
+ if (gTPMLocked) {
+ if (gTpm != NULL) {
+ pwdReady = !EFI_ERROR(gTpm->Apply(gTpm, dcPwd));
+ if (!pwdReady) {
+ ERR_PRINT(L"TPM error: DCS configuration ");
+ if (!gTpm->IsConfigured(gTpm)) {
+ ERR_PRINT(L"absent\n");
+ }
+ else {
+ ERR_PRINT(L"locked\n");
+ }
+ }
+ } else {
+ ERR_PRINT(L"No TPM found\n");
+ }
+ }
+ */
+ } while (!pwdReady);
+}
+
+EFI_STATUS
+DCApplyKeyFile(
+ IN OUT dc_pass* password,
+ IN CHAR16* keyfilePath
+)
+{
+ EFI_STATUS ret = EFI_SUCCESS;
+ UINT8* fileData = NULL;
+ UINTN fileSize = 0;
+
+ ret = FileLoad(NULL, keyfilePath, &fileData, &fileSize);
+ if (EFI_ERROR(ret)) {
+ return ret;
+ }
+
+ return DCApplyKeyData(password, fileData, fileSize);
+}
+
+EFI_STATUS
+DCApplyKeyData(
+ IN OUT dc_pass* password,
+ UINT8* fileData,
+ UINTN fileSize
+)
+{
+ sha512_ctx sha;
+ u8 hash[SHA512_DIGEST_SIZE];
+
+ sha512_init(&sha);
+ sha512_add(&sha, fileData, (unsigned long)fileSize);
+ sha512_done(&sha, hash);
+
+ // mix the keyfile hash and password
+ for (UINTN i = 0; i < (SHA512_DIGEST_SIZE / sizeof(u32)); i++) {
+ p32(password->pass)[i] += p32(hash)[i];
+ }
+ password->size = max(password->size, SHA512_DIGEST_SIZE);
+
+ // prevent leaks
+ zeroauto(hash, sizeof(hash));
+ zeroauto(&sha, sizeof(sha));
+
+ return EFI_SUCCESS;
+}
+
+/*VOID DumpBlob(UINT8* sectorData, UINTN sectorSize)
+{
+ for (UINTN idx = 0; idx < sectorSize; idx++)
+ {
+ UINT8 c = sectorData[idx];
+ if (c > 0x1f && c < 0x7f)
+ OUT_PRINT(L"%c", c);
+ else
+ OUT_PRINT(L"_");
+ }
+ OUT_PRINT(L"\n");
+}*/
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/DcsDiskCryptor.h b/Library/DiskCryptorLib/DcsDiskCryptor.h
new file mode 100644
index 0000000..9af3084
--- /dev/null
+++ b/Library/DiskCryptorLib/DcsDiskCryptor.h
@@ -0,0 +1,59 @@
+/** @file
+Interface for DCS
+
+Copyright (c) 2019. DiskCryptor, David Xanatos
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU General Public License, version 3.0 (GPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/GPL-3.0
+**/
+
+#ifndef _DCSDISKCRYPTOR_H_
+#define _DCSDISKCRYPTOR_H_
+
+#include
+#include "include/boot/boot.h"
+#include "crypto/sha512_small.h"
+
+#define DC_APP_NAME "DiskCryptor"
+
+#define MAX_MSG 256
+
+extern char* gDCryptPasswordMsg;
+extern int gDCryptAuthRetry;
+
+extern char* gDCryptStartMsg;
+extern char* gDCryptSuccessMsg;
+extern char* gDCryptErrorMsg;
+
+typedef struct _DCRYPT_DISKIO DCRYPT_DISKIO, *PDCRYPT_DISKIO;
+
+PDCRYPT_DISKIO
+GetDiskByNumber(int number);
+
+VOID
+DCAuthLoadConfig();
+
+VOID
+DCAskPwd(
+ IN UINTN pwdType,
+ OUT dc_pass* vcPwd
+);
+
+EFI_STATUS
+DCApplyKeyFile(
+ IN OUT dc_pass* password,
+ IN CHAR16* keyfilePath
+);
+
+EFI_STATUS
+DCApplyKeyData(
+ IN OUT dc_pass* password,
+ UINT8* fileData,
+ UINTN fileSize
+);
+
+#endif // _DCSDISKCRYPTOR_H_
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/DiskCryptorLib.inf b/Library/DiskCryptorLib/DiskCryptorLib.inf
new file mode 100644
index 0000000..99691f3
--- /dev/null
+++ b/Library/DiskCryptorLib/DiskCryptorLib.inf
@@ -0,0 +1,97 @@
+## @file
+# DiskCryptor library
+#
+# Copyright (c) 2019. DiskCryptor, David Xanatos
+#
+# This program and the accompanying materials are licensed and made available
+# under the terms and conditions of the GNU General Public License, version 3.0 (GPL-3.0).
+#
+# The full text of the license may be found at
+# https://opensource.org/licenses/GPL-3.0
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010006
+ BASE_NAME = DiskCryptorLib
+ MODULE_UNI_FILE = DiskCryptorLib.uni
+ FILE_GUID = 6166A5F2-3257-4856-9E85-5409564975B4
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = DiskCryptorLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER
+
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+
+[Sources.common]
+ DcsDiskCryptor.c
+ crypto/aes_small.c
+ crypto/serpent_small.c
+ crypto/twofish_small.c
+ crypto/xts_small.c
+ crypto/sha512_pkcs5_2_small.c
+ crypto/sha512_small.c
+ dc_header.c
+ dc_io.c
+
+[Sources.X64]
+
+[Sources.IA32]
+
+[Packages]
+ MdePkg/MdePkg.dec
+ DcsPkg/DcsPkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ MemoryAllocationLib
+ UefiLib
+ RngLib
+ BaseCryptLib
+
+[Protocols]
+
+
+[BuildOptions.IA32]
+DEBUG_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /FAcs /D_UEFI
+RELEASE_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /FAcs /D_UEFI
+NOOPT_VS2010x86_IA32_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /Od /FAcs /D_UEFI
+
+DEBUG_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /FAcs /D_UEFI
+RELEASE_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /FAcs /D_UEFI
+NOOPT_VS2015x86_IA32_CC_FLAGS == /arch:IA32 /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm /Od /FAcs /D_UEFI
+
+RELEASE_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+DEBUG_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+NOOPT_VS2010x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+
+RELEASE_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+DEBUG_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+NOOPT_VS2015x86_IA32_NASM_FLAGS = -Xvc --prefix _ -d_UEFI=1
+
+[BuildOptions.X64]
+DEBUG_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2010x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+DEBUG_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2015x86_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+DEBUG_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /D_UEFI
+RELEASE_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /D_UEFI
+NOOPT_VS2017_X64_CC_FLAGS == /nologo /c /WX /GS- /W4 /Gs32768 /D UNICODE /Gy /FIAutoGen.h /EHs-c- /GR- /GF /Zi /Gm /Od /D_UEFI
+
+RELEASE_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2010x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+
+RELEASE_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2015x86_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+
+RELEASE_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+DEBUG_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
+NOOPT_VS2017_X64_NASM_FLAGS = -Xvc -d_UEFI=1
diff --git a/Library/DiskCryptorLib/DiskCryptorLib.vcxproj b/Library/DiskCryptorLib/DiskCryptorLib.vcxproj
new file mode 100644
index 0000000..4ab670a
--- /dev/null
+++ b/Library/DiskCryptorLib/DiskCryptorLib.vcxproj
@@ -0,0 +1,124 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 15.0
+ {53B4FBAB-3988-4B16-9444-F14BB9CEC851}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/DiskCryptorLib.vcxproj.filters b/Library/DiskCryptorLib/DiskCryptorLib.vcxproj.filters
new file mode 100644
index 0000000..220f132
--- /dev/null
+++ b/Library/DiskCryptorLib/DiskCryptorLib.vcxproj.filters
@@ -0,0 +1,116 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+ {19ae587a-1f74-4024-a1d0-7b82ec9f7037}
+
+
+ {e531b1f4-71fe-4802-b7cd-6266b8bbeeeb}
+
+
+ {bdeae058-ae62-4cd7-a0fd-df857ce4ee9c}
+
+
+
+
+ include\boot
+
+
+ include\boot
+
+
+ include\boot
+
+
+ include
+
+
+ include
+
+
+ include\boot
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ include\boot
+
+
+ include\boot
+
+
+ include\boot
+
+
+ include\boot
+
+
+ Header Files
+
+
+
+
+ Resource Files
+
+
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ crypto
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/aes_small.c b/Library/DiskCryptorLib/crypto/aes_small.c
new file mode 100644
index 0000000..31b3be1
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/aes_small.c
@@ -0,0 +1,199 @@
+/*
+ *
+ * Copyright (c) 2007-2010
+ * ntldr PGP key ID - 0xC48251EB4F8E4E6E
+ * based on rijndael-alg-fst.c
+ * @author Vincent Rijmen
+ * @author Antoon Bosselaers
+ * @author Paulo Barreto
+ * @author Serge Trusov
+ *
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 3 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+#include
+#include "aes_small.h"
+
+static unsigned long Te0[256];
+static unsigned long Td0[256];
+static unsigned char Te4[256];
+static unsigned char Td4[256];
+
+#define Td0(x) (Td0[x])
+#define Td1(x) _rotr(Td0(x), 24)
+#define Td2(x) _rotr(Td0(x), 16)
+#define Td3(x) _rotr(Td0(x), 8)
+#define Td4(x) Td4[x]
+
+#define Te0(x) (Te0[x])
+#define Te1(x) _rotr(Te0(x), 24)
+#define Te2(x) _rotr(Te0(x), 16)
+#define Te3(x) _rotr(Te0(x), 8)
+#define Te4(x) Te4[x]
+#define WPOLY 0x11b
+
+#define lfsr2(x) ((x & 0x80) ? x<<1 ^ WPOLY: x<<1)
+
+static unsigned long key_mix(unsigned long temp)
+{
+ return (Te4[(unsigned char)(temp >> 8 )]) << 0 ^ (Te4[(unsigned char)(temp >> 16)]) << 8 ^
+ (Te4[(unsigned char)(temp >> 24)]) << 16 ^ (Te4[(unsigned char)(temp >> 0 )]) << 24;
+}
+
+void aes256_set_key(const unsigned char *key, aes256_key *skey)
+{
+ unsigned long *ek, *dk;
+ int j, i, k;
+ unsigned long t, rcon, d;
+
+ __movsb((unsigned char*)(ek = skey->enc_key), key, AES_KEY_SIZE);
+ i = 7; rcon = 1;
+ do
+ {
+ for (t = key_mix(ek[7]) ^ rcon, j = 0; j < 4; j++) {
+ t ^= ek[j]; ek[8 + j] = t;
+ }
+ if (--i == 0) break;
+
+ for (t = key_mix(_rotr(ek[11], 24)), j = 4; j < 8; j++) {
+ t ^= ek[j]; ek[8 + j] = t;
+ }
+ ek += 8; rcon <<= 1;
+ } while (1);
+
+ ek = skey->enc_key;
+ dk = skey->dec_key;
+
+ for (i = 0, j = 4*ROUNDS; i <= j; i += 4, j -= 4)
+ {
+ for (k = 0; k < 4; k++) {
+ dk[i + k] = ek[j + k]; dk[j + k] = ek[i + k];
+ }
+ }
+ for (i = 0; i < (ROUNDS-1) * 4; i++)
+ {
+ t = dk[i + 4], d = 0;
+
+ for (j = 32; j; j -= 8) {
+ d ^= _rotr(Td0(Te4[(unsigned char)t]), j); t >>= 8;
+ }
+ dk[i + 4] = d;
+ }
+}
+
+void aes256_encrypt(const unsigned char *in, unsigned char *out, aes256_key *key)
+{
+ unsigned long s[4];
+ unsigned long t[4];
+ unsigned long *rk, x;
+ unsigned long r, n;
+
+ rk = key->enc_key;
+ s[0] = ((unsigned long*)in)[0] ^ *rk++; s[1] = ((unsigned long*)in)[1] ^ *rk++;
+ s[2] = ((unsigned long*)in)[2] ^ *rk++; s[3] = ((unsigned long*)in)[3] ^ *rk++;
+ r = ROUNDS-1;
+
+ do
+ {
+ for (n = 0; n < 4; n++)
+ {
+ t[n] = (Te0((unsigned char)(s[0] >> 0 ))) ^ (Te1((unsigned char)(s[1] >> 8 ))) ^
+ (Te2((unsigned char)(s[2] >> 16))) ^ (Te3((unsigned char)(s[3] >> 24))) ^ *rk++;
+
+ x = s[0]; s[0] = s[1]; s[1] = s[2]; s[2] = s[3]; s[3] = x;
+ }
+ s[0] = t[0]; s[1] = t[1]; s[2] = t[2]; s[3] = t[3];
+ } while (--r);
+
+ for (n = 0; n < 4; n++)
+ {
+ s[n] = (Te4((unsigned char)(t[0] >> 0 )) << 0 ) ^ (Te4((unsigned char)(t[1] >> 8 )) << 8 ) ^
+ (Te4((unsigned char)(t[2] >> 16)) << 16) ^ (Te4((unsigned char)(t[3] >> 24)) << 24) ^ *rk++;
+
+ x = t[0]; t[0] = t[1]; t[1] = t[2]; t[2] = t[3]; t[3] = x;
+ }
+ __movsb(out, (const unsigned char*)&s, AES_BLOCK_SIZE);
+}
+
+void aes256_decrypt(const unsigned char *in, unsigned char *out, aes256_key *key)
+{
+ unsigned long s[4];
+ unsigned long t[4];
+ unsigned long *rk, x;
+ unsigned long r, n;
+
+ rk = key->dec_key;
+ s[0] = ((unsigned long*)in)[0] ^ *rk++; s[1] = ((unsigned long*)in)[1] ^ *rk++;
+ s[2] = ((unsigned long*)in)[2] ^ *rk++; s[3] = ((unsigned long*)in)[3] ^ *rk++;
+ r = ROUNDS-1;
+
+ do
+ {
+ for (n = 0; n < 4; n++)
+ {
+ t[n] = (Td0((unsigned char)(s[0] >> 0 ))) ^ (Td1((unsigned char)(s[3] >> 8 ))) ^
+ (Td2((unsigned char)(s[2] >> 16))) ^ (Td3((unsigned char)(s[1] >> 24))) ^ *rk++;
+
+ x = s[0]; s[0] = s[1]; s[1] = s[2]; s[2] = s[3]; s[3] = x;
+ }
+ s[0] = t[0]; s[1] = t[1]; s[2] = t[2]; s[3] = t[3];
+ } while (--r);
+
+ for (n = 0; n < 4; n++)
+ {
+ s[n] = (Td4((unsigned char)(t[0] >> 0 )) << 0 ) ^ (Td4((unsigned char)(t[3] >> 8 )) << 8 ) ^
+ (Td4((unsigned char)(t[2] >> 16)) << 16) ^ (Td4((unsigned char)(t[1] >> 24)) << 24) ^ *rk++;
+
+ x = t[0]; t[0] = t[1]; t[1] = t[2]; t[2] = t[3]; t[3] = x;
+ }
+ __movsb(out, (const unsigned char*)&s, AES_BLOCK_SIZE);
+}
+
+void aes256_gentab()
+{
+ unsigned char pow[256], log[256];
+ unsigned char i, w;
+
+ i = 0; w = 1;
+ do
+ {
+ pow[i] = w;
+ log[w] = i;
+ w ^= lfsr2(w);
+ } while(++i);
+
+ log[0] = 0; pow[255] = 0; i = 0;
+ do
+ {
+ w = pow[255 - log[i]];
+ w ^= w << 1 ^ w << 2 ^ w << 3 ^ w << 4 ^
+ w >> 4 ^ w >> 5 ^ w >> 6 ^ w >> 7 ^ (1<<6 ^ 1<<5 ^ 1<<1 ^ 1<<0);
+ Te4[i] = w;
+ Td4[w] = i;
+ } while(++i);
+
+ i = 0;
+ do
+ {
+ unsigned char f = Te4[i];
+ unsigned char r = Td4[i];
+ unsigned char x = (unsigned char)lfsr2(f);
+
+ Te0[i] = (f ^ x) << 24 | f << 16 | f << 8 | x;
+ Td0[i] = ! r ? r :
+ pow[(0x68 + log[r]) % 255] << 24 ^
+ pow[(0xEE + log[r]) % 255] << 16 ^
+ pow[(0xC7 + log[r]) % 255] << 8 ^
+ pow[(0xDF + log[r]) % 255] << 0;
+ } while (++i);
+}
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/aes_small.h b/Library/DiskCryptorLib/crypto/aes_small.h
new file mode 100644
index 0000000..58b68e2
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/aes_small.h
@@ -0,0 +1,18 @@
+#ifndef _AES_SMALL_H_
+#define _AES_SMALL_H_
+
+#define ROUNDS 14
+#define AES_KEY_SIZE 32
+#define AES_BLOCK_SIZE 16
+
+typedef __declspec(align(16)) struct _aes256_key {
+ __declspec(align(16)) unsigned long enc_key[4 *(ROUNDS + 1)];
+ __declspec(align(16)) unsigned long dec_key[4 *(ROUNDS + 1)];
+} aes256_key;
+
+void aes256_set_key(const unsigned char *key, aes256_key *skey);
+void aes256_encrypt(const unsigned char *in, unsigned char *out, aes256_key *key);
+void aes256_decrypt(const unsigned char *in, unsigned char *out, aes256_key *key);
+void aes256_gentab();
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/intrin.h b/Library/DiskCryptorLib/crypto/intrin.h
new file mode 100644
index 0000000..b1e08de
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/intrin.h
@@ -0,0 +1,197 @@
+#ifndef _INTRIN_H_
+#define _INTRIN_H_
+
+#include
+#include
+#include
+
+#define memcpy(dest,source,count) CopyMem(dest,source,(UINTN)(count))
+#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
+#define memchr(buf,ch,count) ScanMem8(buf,(UINTN)(count),(UINT8)ch)
+#define memcmp(buf1,buf2,count) (int)(CompareMem(buf1,buf2,(UINTN)(count)))
+
+
+// config
+#ifdef __GNUC__
+ #define VC_INLINE static inline __attribute__((always_inline))
+#elif defined (_MSC_VER)
+ #define VC_INLINE __forceinline
+#else
+ #define VC_INLINE static inline
+#endif
+
+//defs
+#ifdef __cplusplus
+extern "C" {
+#endif
+extern unsigned __int64 __cdecl _rotl64(unsigned __int64,int);
+extern unsigned __int64 __cdecl _rotr64(unsigned __int64,int);
+extern unsigned int __cdecl _rotl(unsigned int,int);
+extern unsigned int __cdecl _rotr(unsigned int,int);
+extern unsigned char _rotr8(unsigned char value, unsigned char shift);
+extern unsigned short _rotr16(unsigned short value, unsigned char shift);
+extern unsigned char _rotl8(unsigned char value, unsigned char shift);
+extern unsigned short _rotl16(unsigned short value, unsigned char shift);
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef TC_NO_COMPILER_INT64
+typedef unsigned __int32 TC_LARGEST_COMPILER_UINT;
+#else
+typedef unsigned __int64 TC_LARGEST_COMPILER_UINT;
+typedef __int64 int64;
+typedef unsigned __int64 uint64;
+#define LL(x) x##ui64
+#endif
+
+// misc
+#if defined(_MSC_VER) && !defined(_UEFI)
+ #if _MSC_VER >= 1400
+ #if !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
+ // VC2005 workaround: disable declarations that conflict with winnt.h
+ #define _interlockedbittestandset CRYPTOPP_DISABLED_INTRINSIC_1
+ #define _interlockedbittestandreset CRYPTOPP_DISABLED_INTRINSIC_2
+ #define _interlockedbittestandset64 CRYPTOPP_DISABLED_INTRINSIC_3
+ #define _interlockedbittestandreset64 CRYPTOPP_DISABLED_INTRINSIC_4
+ #include
+ #undef _interlockedbittestandset
+ #undef _interlockedbittestandreset
+ #undef _interlockedbittestandset64
+ #undef _interlockedbittestandreset64
+ #endif
+ #define CRYPTOPP_FAST_ROTATE(x) 1
+ #elif !defined(_UEFI) && _MSC_VER >= 1300
+ #define CRYPTOPP_FAST_ROTATE(x) ((x) == 32 | (x) == 64)
+ #else
+ #define CRYPTOPP_FAST_ROTATE(x) ((x) == 32)
+ #endif
+#elif (defined(__MWERKS__) && TARGET_CPU_PPC) || \
+ (defined(__GNUC__) && (defined(_ARCH_PWR2) || defined(_ARCH_PWR) || defined(_ARCH_PPC) || defined(_ARCH_PPC64) || defined(_ARCH_COM)))
+ #define CRYPTOPP_FAST_ROTATE(x) ((x) == 32)
+#elif defined(__GNUC__) && (CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86) // depend on GCC's peephole optimization to generate rotate instructions
+ #define CRYPTOPP_FAST_ROTATE(x) 1
+#else
+ #define CRYPTOPP_FAST_ROTATE(x) 0
+#endif
+
+#if defined( _MSC_VER ) && ( _MSC_VER > 800 ) && !defined(_UEFI)
+#pragma intrinsic(memcpy,memset)
+#endif
+
+#if _MSC_VER >= 1300 && !defined(__INTEL_COMPILER)
+// Intel C++ Compiler 10.0 calls a function instead of using the rotate instruction when using these instructions
+#pragma intrinsic(_rotr,_rotl,_rotr64,_rotl64)
+
+#define rotr32(x,n) _rotr(x, n)
+#define rotl32(x,n) _rotl(x, n)
+#define rotr64(x,n) _rotr64(x, n)
+#define rotl64(x,n) _rotl64(x, n)
+
+#else
+
+#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
+#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
+#define rotr64(x,n) (((x) >> n) | ((x) << (64 - n)))
+#define rotl64(x,n) (((x) << n) | ((x) >> (64 - n)))
+
+#endif
+
+#if _MSC_VER >= 1400 && !defined(__INTEL_COMPILER)
+// Intel C++ Compiler 10.0 calls a function instead of using the rotate instruction when using these instructions
+#pragma intrinsic(_rotr8,_rotl8,_rotr16,_rotl16)
+
+#define rotr8(x,n) _rotr8(x, n)
+#define rotl8(x,n) _rotl8(x, n)
+#define rotr16(x,n) _rotr16(x, n)
+#define rotl16(x,n) _rotl16(x, n)
+
+#else
+
+#define rotr8(x,n) (((x) >> n) | ((x) << (8 - n)))
+#define rotl8(x,n) (((x) << n) | ((x) >> (8 - n)))
+#define rotr16(x,n) (((x) >> n) | ((x) << (16 - n)))
+#define rotl16(x,n) (((x) << n) | ((x) >> (16 - n)))
+
+#endif
+
+#if defined(__GNUC__) && defined(__linux__)
+#define CRYPTOPP_BYTESWAP_AVAILABLE
+#include
+#elif defined(_MSC_VER) && _MSC_VER >= 1300 && !defined(_UEFI)
+#pragma intrinsic(_byteswap_ulong,_byteswap_uint64)
+#define CRYPTOPP_BYTESWAP_AVAILABLE
+#define bswap_32(x) _byteswap_ulong(x)
+#define bswap_64(x) _byteswap_uint64(x)
+#elif defined(__APPLE__)
+#include
+#define CRYPTOPP_BYTESWAP_AVAILABLE
+#define bswap_16 OSSwapInt16
+#define bswap_32 OSSwapInt32
+#define bswap_64 OSSwapInt64
+#else
+#if CRYPTOPP_FAST_ROTATE(32)
+#define bswap_32(x) (rotr32((x), 8U) & 0xff00ff00) | (rotl32((x), 8U) & 0x00ff00ff)
+#else
+#define CRYPTOPP_BYTESWAP_AVAILABLE
+#define bswap_32(x) (rotl32((((x) & 0xFF00FF00) >> 8) | (((x) & 0x00FF00FF) << 8), 16U))
+#define bswap_64(x) rotl64(((((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0xFFFF0000FFFF0000)) >> 16) | (((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0x0000FFFF0000FFFF)) << 16)), 32U)
+#endif
+#ifndef TC_NO_COMPILER_INT64
+#define bswap_64(x) rotl64(((((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0xFFFF0000FFFF0000)) >> 16) | (((((x & LL(0xFF00FF00FF00FF00)) >> 8) | ((x & LL(0x00FF00FF00FF00FF)) << 8)) & LL(0x0000FFFF0000FFFF)) << 16)), 32U)
+#endif
+#endif
+
+VC_INLINE unsigned int ByteReverseWord32 (unsigned int value)
+{
+#if defined(__GNUC__) && defined(CRYPTOPP_X86_ASM_AVAILABLE)
+ __asm__ ("bswap %0" : "=r" (value) : "0" (value));
+ return value;
+#elif defined(CRYPTOPP_BYTESWAP_AVAILABLE)
+ return bswap_32(value);
+#elif defined(__MWERKS__) && TARGET_CPU_PPC
+ return (uint32)__lwbrx(&value,0);
+#elif _MSC_VER >= 1400 || (_MSC_VER >= 1300 && !defined(_DLL))
+ return _byteswap_ulong(value);
+#elif CRYPTOPP_FAST_ROTATE(32)
+ // 5 instructions with rotate instruction, 9 without
+ return (rotr32(value, 8U) & 0xff00ff00) | (rotl32(value, 8U) & 0x00ff00ff);
+#else
+ // 6 instructions with rotate instruction, 8 without
+ value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8);
+ return rotl32(value, 16U);
+#endif
+}
+
+#ifndef TC_NO_COMPILER_INT64
+
+VC_INLINE unsigned __int64 ByteReverseWord64(unsigned __int64 value)
+{
+#if defined(__GNUC__) && defined(CRYPTOPP_X86_ASM_AVAILABLE) && defined(__x86_64__)
+ __asm__ ("bswap %0" : "=r" (value) : "0" (value));
+ return value;
+#elif defined(CRYPTOPP_BYTESWAP_AVAILABLE)
+ return bswap_64(value);
+#elif defined(_MSC_VER) && _MSC_VER >= 1300
+ return _byteswap_uint64(value);
+#else
+ value = ((value & LL(0xFF00FF00FF00FF00)) >> 8) | ((value & LL(0x00FF00FF00FF00FF)) << 8);
+ value = ((value & LL(0xFFFF0000FFFF0000)) >> 16) | ((value & LL(0x0000FFFF0000FFFF)) << 16);
+ return rotl64(value, 32U);
+#endif
+}
+
+VC_INLINE void CorrectEndianess(unsigned __int64 *out, const unsigned __int64 *in, UINTN byteCount)
+
+{
+ UINTN i, count = byteCount/sizeof(unsigned __int64);
+ for (i=0; i PGP key ID - 0xC48251EB4F8E4E6E
+ *
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 3 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+
+#include
+#include "serpent_small.h"
+
+#define LTf(_b) { \
+ _b[0] = _rotl(_b[0], 13); \
+ _b[2] = _rotl(_b[2], 3); \
+ _b[1] ^= _b[0] ^ _b[2]; \
+ _b[3] ^= _b[2] ^ (_b[0] << 3); \
+ _b[1] = _rotl(_b[1], 1); \
+ _b[3] = _rotl(_b[3], 7); \
+ _b[0] ^= _b[1] ^ _b[3]; \
+ _b[2] ^= _b[3] ^ (_b[1] << 7); \
+ _b[0] = _rotl(_b[0], 5); \
+ _b[2] = _rotl(_b[2], 22); \
+}
+
+#define ITf(_b) { \
+ _b[2] = _rotr(_b[2], 22); \
+ _b[0] = _rotr(_b[0], 5); \
+ _b[2] ^= _b[3] ^ (_b[1] << 7); \
+ _b[0] ^= _b[1] ^ _b[3]; \
+ _b[3] = _rotr(_b[3], 7); \
+ _b[1] = _rotr(_b[1], 1); \
+ _b[3] ^= _b[2] ^ (_b[0] << 3); \
+ _b[1] ^= _b[0] ^ _b[2]; \
+ _b[2] = _rotr(_b[2], 3); \
+ _b[0] = _rotr(_b[0], 13); \
+}
+
+#define PHI 0x9E3779B9
+
+typedef void (*sbox_p)(unsigned long b[4]);
+
+static void sE1(unsigned long b[4])
+{
+ unsigned long t = b[1];
+ b[3] ^= b[0];
+ b[1] &= b[3];
+ t ^= b[2];
+ b[1] ^= b[0];
+ b[0] |= b[3];
+ b[0] ^= t;
+ t ^= b[3];
+ b[3] ^= b[2];
+ b[2] |= b[1];
+ b[2] ^= t;
+ t = ~t;
+ t |= b[1];
+ b[1] ^= b[3];
+ b[1] ^= t;
+ b[3] |= b[0];
+ b[1] ^= b[3];
+ t ^= b[3];
+ b[3] = b[0];
+ b[0] = b[1];
+ b[1] = t;
+}
+
+static void sE2(unsigned long b[4])
+{
+ unsigned long t;
+ b[0] = ~b[0];
+ b[2] = ~b[2];
+ t = b[0];
+ b[0] &= b[1];
+ b[2] ^= b[0];
+ b[0] |= b[3];
+ b[3] ^= b[2];
+ b[1] ^= b[0];
+ b[0] ^= t;
+ t |= b[1];
+ b[1] ^= b[3];
+ b[2] |= b[0];
+ b[2] &= t;
+ b[0] ^= b[1];
+ b[1] &= b[2];
+ b[1] ^= b[0];
+ b[0] &= b[2];
+ t ^= b[0];
+ b[0] = b[2];
+ b[2] = b[3];
+ b[3] = b[1];
+ b[1] = t;
+}
+
+static void sE3(unsigned long b[4])
+{
+ unsigned long t = b[0];
+ b[0] &= b[2];
+ b[0] ^= b[3];
+ b[2] ^= b[1];
+ b[2] ^= b[0];
+ b[3] |= t;
+ b[3] ^= b[1];
+ t ^= b[2];
+ b[1] = b[3];
+ b[3] |= t;
+ b[3] ^= b[0];
+ b[0] &= b[1];
+ t ^= b[0];
+ b[1] ^= b[3];
+ b[1] ^= t;
+ b[0] = b[2];
+ b[2] = b[1];
+ b[1] = b[3];
+ b[3] = ~t;
+}
+
+static void sE4(unsigned long b[4])
+{
+ unsigned long t = b[0];
+ b[0] |= b[3];
+ b[3] ^= b[1];
+ b[1] &= t;
+ t ^= b[2];
+ b[2] ^= b[3];
+ b[3] &= b[0];
+ t |= b[1];
+ b[3] ^= t;
+ b[0] ^= b[1];
+ t &= b[0];
+ b[1] ^= b[3];
+ t ^= b[2];
+ b[1] |= b[0];
+ b[1] ^= b[2];
+ b[0] ^= b[3];
+ b[2] = b[1];
+ b[1] |= b[3];
+ b[0] ^= b[1];
+ b[1] = b[2];
+ b[2] = b[3];
+ b[3] = t;
+}
+
+static void sE5(unsigned long b[4])
+{
+ unsigned long t;
+ b[1] ^= b[3];
+ b[3] = ~b[3];
+ b[2] ^= b[3];
+ b[3] ^= b[0];
+ t = b[1];
+ b[1] &= b[3];
+ b[1] ^= b[2];
+ t ^= b[3];
+ b[0] ^= t;
+ b[2] &= t;
+ b[2] ^= b[0];
+ b[0] &= b[1];
+ b[3] ^= b[0];
+ t |= b[1];
+ t ^= b[0];
+ b[0] |= b[3];
+ b[0] ^= b[2];
+ b[2] &= b[3];
+ b[0] = ~b[0];
+ t ^= b[2];
+ b[2] = b[0];
+ b[0] = b[1];
+ b[1] = t;
+}
+
+static void sE6(unsigned long b[4])
+{
+ unsigned long t;
+ b[0] ^= b[1];
+ b[1] ^= b[3];
+ b[3] = ~b[3];
+ t = b[1];
+ b[1] &= b[0];
+ b[2] ^= b[3];
+ b[1] ^= b[2];
+ b[2] |= t;
+ t ^= b[3];
+ b[3] &= b[1];
+ b[3] ^= b[0];
+ t ^= b[1];
+ t ^= b[2];
+ b[2] ^= b[0];
+ b[0] &= b[3];
+ b[2] = ~b[2];
+ b[0] ^= t;
+ t |= b[3];
+ t ^= b[2];
+ b[2] = b[0];
+ b[0] = b[1];
+ b[1] = b[3];
+ b[3] = t;
+}
+
+static void sE7(unsigned long b[4])
+{
+ unsigned long t = b[3];
+ b[2] = ~b[2];
+ b[3] &= b[0];
+ b[0] ^= t;
+ b[3] ^= b[2];
+ b[2] |= t;
+ b[1] ^= b[3];
+ b[2] ^= b[0];
+ b[0] |= b[1];
+ b[2] ^= b[1];
+ t ^= b[0];
+ b[0] |= b[3];
+ b[0] ^= b[2];
+ t ^= b[3];
+ t ^= b[0];
+ b[3] = ~b[3];
+ b[2] &= t;
+ b[3] ^= b[2];
+ b[2] = t;
+}
+
+static void sE8(unsigned long b[4])
+{
+ unsigned long t = b[1];
+ b[1] |= b[2];
+ b[1] ^= b[3];
+ t ^= b[2];
+ b[2] ^= b[1];
+ b[3] |= t;
+ b[3] &= b[0];
+ t ^= b[2];
+ b[3] ^= b[1];
+ b[1] |= t;
+ b[1] ^= b[0];
+ b[0] |= t;
+ b[0] ^= b[2];
+ b[1] ^= t;
+ b[2] ^= b[1];
+ b[1] &= b[0];
+ b[1] ^= t;
+ b[2] = ~b[2];
+ b[2] |= b[0];
+ t ^= b[2];
+ b[2] = b[1];
+ b[1] = b[3];
+ b[3] = b[0];
+ b[0] = t;
+}
+
+static void sD1(unsigned long b[4])
+{
+ unsigned long t = b[1];
+ b[2] = ~b[2];
+ b[1] |= b[0];
+ t = ~t;
+ b[1] ^= b[2];
+ b[2] |= t;
+ b[1] ^= b[3];
+ b[0] ^= t;
+ b[2] ^= b[0];
+ b[0] &= b[3];
+ t ^= b[0];
+ b[0] |= b[1];
+ b[0] ^= b[2];
+ b[3] ^= t;
+ b[2] ^= b[1];
+ b[3] ^= b[0];
+ b[3] ^= b[1];
+ b[2] &= b[3];
+ t ^= b[2];
+ b[2] = b[1];
+ b[1] = t;
+}
+
+static void sD2(unsigned long b[4])
+{
+ unsigned long t = b[1];
+ b[1] ^= b[3];
+ b[3] &= b[1];
+ t ^= b[2];
+ b[3] ^= b[0];
+ b[0] |= b[1];
+ b[2] ^= b[3];
+ b[0] ^= t;
+ b[0] |= b[2];
+ b[1] ^= b[3];
+ b[0] ^= b[1];
+ b[1] |= b[3];
+ b[1] ^= b[0];
+ t = ~t;
+ t ^= b[1];
+ b[1] |= b[0];
+ b[1] ^= b[0];
+ b[1] |= t;
+ b[3] ^= b[1];
+ b[1] = b[0];
+ b[0] = t;
+ t = b[2];
+ b[2] = b[3];
+ b[3] = t;
+}
+
+static void sD3(unsigned long b[4])
+{
+ unsigned long t;
+ b[2] ^= b[3];
+ b[3] ^= b[0];
+ t = b[3];
+ b[3] &= b[2];
+ b[3] ^= b[1];
+ b[1] |= b[2];
+ b[1] ^= t;
+ t &= b[3];
+ b[2] ^= b[3];
+ t &= b[0];
+ t ^= b[2];
+ b[2] &= b[1];
+ b[2] |= b[0];
+ b[3] = ~b[3];
+ b[2] ^= b[3];
+ b[0] ^= b[3];
+ b[0] &= b[1];
+ b[3] ^= t;
+ b[3] ^= b[0];
+ b[0] = b[1];
+ b[1] = t;
+}
+
+static void sD4(unsigned long b[4])
+{
+ unsigned long t = b[2];
+ b[2] ^= b[1];
+ b[0] ^= b[2];
+ t &= b[2];
+ t ^= b[0];
+ b[0] &= b[1];
+ b[1] ^= b[3];
+ b[3] |= t;
+ b[2] ^= b[3];
+ b[0] ^= b[3];
+ b[1] ^= t;
+ b[3] &= b[2];
+ b[3] ^= b[1];
+ b[1] ^= b[0];
+ b[1] |= b[2];
+ b[0] ^= b[3];
+ b[1] ^= t;
+ b[0] ^= b[1];
+ t = b[0];
+ b[0] = b[2];
+ b[2] = b[3];
+ b[3] = t;
+}
+
+static void sD5(unsigned long b[4])
+{
+ unsigned long t = b[2];
+ b[2] &= b[3];
+ b[2] ^= b[1];
+ b[1] |= b[3];
+ b[1] &= b[0];
+ t ^= b[2];
+ t ^= b[1];
+ b[1] &= b[2];
+ b[0] = ~b[0];
+ b[3] ^= t;
+ b[1] ^= b[3];
+ b[3] &= b[0];
+ b[3] ^= b[2];
+ b[0] ^= b[1];
+ b[2] &= b[0];
+ b[3] ^= b[0];
+ b[2] ^= t;
+ b[2] |= b[3];
+ b[3] ^= b[0];
+ b[2] ^= b[1];
+ b[1] = b[3];
+ b[3] = t;
+}
+
+static void sD6(unsigned long b[4])
+{
+ unsigned long t = b[3];
+ b[1] = ~b[1];
+ b[2] ^= b[1];
+ b[3] |= b[0];
+ b[3] ^= b[2];
+ b[2] |= b[1];
+ b[2] &= b[0];
+ t ^= b[3];
+ b[2] ^= t;
+ t |= b[0];
+ t ^= b[1];
+ b[1] &= b[2];
+ b[1] ^= b[3];
+ t ^= b[2];
+ b[3] &= t;
+ t ^= b[1];
+ b[3] ^= t;
+ t = ~t;
+ b[3] ^= b[0];
+ b[0] = b[1];
+ b[1] = t;
+ t = b[3];
+ b[3] = b[2];
+ b[2] = t;
+}
+
+static void sD7(unsigned long b[4])
+{
+ unsigned long t = b[2];
+ b[0] ^= b[2];
+ b[2] &= b[0];
+ t ^= b[3];
+ b[2] = ~b[2];
+ b[3] ^= b[1];
+ b[2] ^= b[3];
+ t |= b[0];
+ b[0] ^= b[2];
+ b[3] ^= t;
+ t ^= b[1];
+ b[1] &= b[3];
+ b[1] ^= b[0];
+ b[0] ^= b[3];
+ b[0] |= b[2];
+ b[3] ^= b[1];
+ t ^= b[0];
+ b[0] = b[1];
+ b[1] = b[2];
+ b[2] = t;
+}
+
+static void sD8(unsigned long b[4])
+{
+ unsigned long t = b[2];
+ b[2] ^= b[0];
+ b[0] &= b[3];
+ t |= b[3];
+ b[2] = ~b[2];
+ b[3] ^= b[1];
+ b[1] |= b[0];
+ b[0] ^= b[2];
+ b[2] &= t;
+ b[3] &= t;
+ b[1] ^= b[2];
+ b[2] ^= b[0];
+ b[0] |= b[2];
+ t ^= b[1];
+ b[0] ^= b[3];
+ b[3] ^= t;
+ t |= b[0];
+ b[3] ^= b[2];
+ t ^= b[2];
+ b[2] = b[1];
+ b[1] = b[0];
+ b[0] = b[3];
+ b[3] = t;
+}
+
+static void __declspec(noinline) KXf(unsigned long *keys, unsigned long round, unsigned long b[4])
+{
+ b[0] ^= keys[4*round ];
+ b[1] ^= keys[4*round+1];
+ b[2] ^= keys[4*round+2];
+ b[3] ^= keys[4*round+3];
+}
+
+static sbox_p se_tab[] = { sE1, sE2, sE3, sE4, sE5, sE6, sE7, sE8 };
+static sbox_p sd_tab[] = { sD1, sD2, sD3, sD4, sD5, sD6, sD7, sD8 };
+
+void serpent256_set_key(const unsigned char *key, serpent256_key *skey)
+{
+ unsigned long W[140], i;
+
+ __movsb((unsigned char*)&W, key, SERPENT_KEY_SIZE);
+
+ for(i = 8; i != 140; ++i) {
+ W[i] = _rotl(W[i-8] ^ W[i-5] ^ W[i-3] ^ W[i-1] ^ PHI ^ (i-8), 11);
+ }
+ for (i = 8; i <= 136; i += 4) {
+ se_tab[7 - (((i / 4) + 2) % 8)](&W[i]);
+ }
+ __movsb((unsigned char*)&skey->expkey, (unsigned char*)(W+8), (SERPENT_EXPKEY_WORDS * sizeof(unsigned long)));
+}
+
+void serpent256_encrypt(const unsigned char *in, unsigned char *out, serpent256_key *key)
+{
+ unsigned long b[4];
+ int i;
+
+ __movsb((unsigned char*)&b, in, SERPENT_BLOCK_SIZE);
+
+ for (i = 0; i < 32; i++) {
+ KXf(key->expkey, i, b); se_tab[i % 8](b);
+ if (i == 31) KXf(key->expkey, 32, b); else LTf(b);
+ }
+ __movsb(out, (const unsigned char*)&b, SERPENT_BLOCK_SIZE);
+}
+
+void serpent256_decrypt(const unsigned char *in, unsigned char *out, serpent256_key *key)
+{
+ unsigned long b[4];
+ int i;
+
+ __movsb((unsigned char*)&b, in, SERPENT_BLOCK_SIZE);
+
+ for (i = 31; i >= 0; i--) {
+ if (i == 31) KXf(key->expkey, 32, b); else ITf(b);
+ sd_tab[i % 8](b); KXf(key->expkey, i, b);
+ }
+ __movsb(out, (const unsigned char*)&b, SERPENT_BLOCK_SIZE);
+}
diff --git a/Library/DiskCryptorLib/crypto/serpent_small.h b/Library/DiskCryptorLib/crypto/serpent_small.h
new file mode 100644
index 0000000..0a10162
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/serpent_small.h
@@ -0,0 +1,16 @@
+#ifndef _SERPENT_SMALL_H_
+#define _SERPENT_SMALL_H_
+
+#define SERPENT_KEY_SIZE 32
+#define SERPENT_EXPKEY_WORDS 132
+#define SERPENT_BLOCK_SIZE 16
+
+typedef struct _serpent256_key {
+ unsigned long expkey[SERPENT_EXPKEY_WORDS];
+} serpent256_key;
+
+void serpent256_set_key(const unsigned char *key, serpent256_key *skey);
+void serpent256_encrypt(const unsigned char *in, unsigned char *out, serpent256_key *key);
+void serpent256_decrypt(const unsigned char *in, unsigned char *out, serpent256_key *key);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.c b/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.c
new file mode 100644
index 0000000..d227b10
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.c
@@ -0,0 +1,105 @@
+/*
+ *
+ * DiskCryptor - open source partition encryption tool
+ * Copyright (c) 2010-2013
+ * ntldr PGP key ID - 0xC48251EB4F8E4E6E
+ *
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 3 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+#include
+#include "sha512_small.h"
+#include "sha512_pkcs5_2_small.h"
+
+void sha512_hmac(const void *k, unsigned long k_len, const void *d, unsigned long d_len, unsigned char *out)
+{
+ sha512_ctx ctx;
+ unsigned char buf[SHA512_BLOCK_SIZE];
+ unsigned char hval[SHA512_DIGEST_SIZE];
+ unsigned long i;
+
+ // zero key buffer
+ __stosb(buf, 0, sizeof(buf));
+
+ // compress hmac key
+ if (k_len > SHA512_BLOCK_SIZE) {
+ sha512_init(&ctx);
+ sha512_add(&ctx, (const unsigned char*)k, k_len);
+ sha512_done(&ctx, buf);
+ } else {
+ __movsb(buf, (const unsigned char*)k, k_len);
+ }
+
+ // create the hash initial vector
+ for (i = 0; i < SHA512_BLOCK_SIZE; i++) {
+ buf[i] ^= 0x36;
+ }
+
+ // hash key and data
+ sha512_init(&ctx);
+ sha512_add(&ctx, buf, SHA512_BLOCK_SIZE);
+ sha512_add(&ctx, (const unsigned char*)d, d_len);
+ sha512_done(&ctx, hval);
+
+ // create the second HMAC vector
+ for (i = 0; i < SHA512_BLOCK_SIZE; i++) {
+ buf[i] ^= 0x6A;
+ }
+
+ // calculate "outer" hash
+ sha512_init(&ctx);
+ sha512_add(&ctx, buf, SHA512_BLOCK_SIZE);
+ sha512_add(&ctx, hval, SHA512_DIGEST_SIZE);
+ sha512_done(&ctx, out);
+
+ // prevent leaks
+ __stosb(buf, 0, sizeof(buf));
+ __stosb(hval, 0, sizeof(hval));
+ __stosb((unsigned char*)&ctx, 0, sizeof(ctx));
+}
+
+void sha512_pkcs5_2(int i_count, const void *pwd, unsigned long pwd_len, const void *salt, unsigned long salt_len, unsigned char *dk, unsigned long dklen)
+{
+ unsigned char buff[128 + sizeof(unsigned long)];
+ unsigned char blk[SHA512_DIGEST_SIZE];
+ unsigned char hmac[SHA512_DIGEST_SIZE];
+ unsigned long block = 1;
+ unsigned long c_len;
+ int j, i;
+
+ while (dklen != 0)
+ {
+ // first interation
+ __movsb(buff, (const unsigned char*)salt, salt_len);
+ ((unsigned long*)(buff + salt_len))[0] = _byteswap_ulong(block);
+ sha512_hmac(pwd, pwd_len, buff, salt_len + sizeof(unsigned long), hmac);
+ __movsb(blk, hmac, SHA512_DIGEST_SIZE);
+
+ // next interations
+ for (i = 1; i < i_count; i++)
+ {
+ sha512_hmac(pwd, pwd_len, hmac, SHA512_DIGEST_SIZE, hmac);
+
+ for (j = 0; j < SHA512_DIGEST_SIZE; j++) {
+ blk[j] ^= hmac[j];
+ }
+ }
+ __movsb((unsigned char*)dk, blk, (c_len = dklen < SHA512_DIGEST_SIZE ? dklen : SHA512_DIGEST_SIZE));
+ dk += c_len; dklen -= c_len; block++;
+ }
+
+ // prevent leaks
+ __stosb(buff, 0, sizeof(buff));
+ __stosb(blk, 0, sizeof(blk));
+ __stosb(hmac, 0, sizeof(hmac));
+}
diff --git a/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.h b/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.h
new file mode 100644
index 0000000..f3946c5
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/sha512_pkcs5_2_small.h
@@ -0,0 +1,7 @@
+#ifndef _SHA512_PKCS5_2_SMALL_H_
+#define _SHA512_PKCS5_2_SMALL_H_
+
+void sha512_hmac(const void *k, unsigned long k_len, const void *d, unsigned long d_len, unsigned char *out);
+void sha512_pkcs5_2(int i_count, const void *pwd, unsigned long pwd_len, const void *salt, unsigned long salt_len, unsigned char *dk, unsigned long dklen);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/sha512_small.c b/Library/DiskCryptorLib/crypto/sha512_small.c
new file mode 100644
index 0000000..c96ae37
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/sha512_small.c
@@ -0,0 +1,156 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ * modified by ntldr, http://diskcryptor.net/
+ */
+#include
+#include "sha512_small.h"
+
+// the K array
+static const unsigned __int64 K[80] = {
+ 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
+ 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
+ 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
+ 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694,
+ 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
+ 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
+ 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4,
+ 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70,
+ 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
+ 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b,
+ 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30,
+ 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
+ 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
+ 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
+ 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
+ 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b,
+ 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
+ 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
+ 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
+ 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817
+};
+
+// initial hash value
+static const unsigned __int64 H[8] = {
+ 0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1,
+ 0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179
+};
+
+// Various logical functions
+#define Ch(x,y,z) (z ^ (x & (y ^ z)))
+#define Maj(x,y,z) (((x | y) & z) | (x & y))
+#define S(x, n) (_rotr64(x, n))
+#define R(x, n) ((unsigned __int64)(x) >> (unsigned __int64)(n))
+#define Sigma0(x) (S(x, 28) ^ S(x, 34) ^ S(x, 39))
+#define Sigma1(x) (S(x, 14) ^ S(x, 18) ^ S(x, 41))
+#define Gamma0(x) (S(x, 1) ^ S(x, 8) ^ R(x, 7))
+#define Gamma1(x) (S(x, 19) ^ S(x, 61) ^ R(x, 6))
+
+// compress 1024-bits
+static void sha512_compress(sha512_ctx *ctx, const unsigned char *buf)
+{
+ unsigned __int64 S[8], W[80], t0, t1;
+ int i;
+
+ // copy state into S
+ __movsb((unsigned char*)&S, (const unsigned char*)&ctx->hash, sizeof(S));
+
+ // copy the state into 1024-bits into W[0..15]
+ for (i = 0; i < 16; i++) {
+ W[i] = _byteswap_uint64(((unsigned __int64*)buf)[i]);
+ }
+ // fill W[16..79]
+ for (i = 16; i < 80; i++) {
+ W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16];
+ }
+ // Compress
+ for (i = 0; i < 80; i++)
+ {
+ t0 = S[7] + Sigma1(S[4]) + Ch(S[4], S[5], S[6]) + K[i] + W[i];
+ t1 = Sigma0(S[0]) + Maj(S[0], S[1], S[2]);
+ S[7] = S[6];
+ S[6] = S[5];
+ S[5] = S[4];
+ S[4] = S[3] + t0;
+ S[3] = S[2];
+ S[2] = S[1];
+ S[1] = S[0];
+ S[0] = t0 + t1;
+ }
+ for (i = 0; i < 8; i++) {
+ ctx->hash[i] += S[i];
+ }
+ // prevent leaks
+ __stosb((unsigned char*)&S, 0, sizeof(S));
+ __stosb((unsigned char*)&W, 0, sizeof(W));
+}
+
+// Initialize the hash state
+void sha512_init(sha512_ctx *ctx)
+{
+ __movsb((unsigned char*)&ctx->hash, (const unsigned char*)&H, sizeof(H));
+ ctx->curlen = 0;
+ ctx->length = 0;
+}
+
+// Process a block of memory though the hash
+void sha512_add(sha512_ctx *ctx, const unsigned char *in, unsigned long inlen)
+{
+ while (inlen--)
+ {
+ ctx->buf[ctx->curlen++] = *in++;
+
+ if (ctx->curlen == SHA512_BLOCK_SIZE) {
+ sha512_compress(ctx, ctx->buf);
+ ctx->length += 8 * SHA512_BLOCK_SIZE;
+ ctx->curlen = 0;
+ }
+ }
+}
+
+// Terminate the hash to get the digest
+void sha512_done(sha512_ctx *ctx, unsigned char *out)
+{
+ int i;
+
+ // increase the length of the message
+ ctx->length += ctx->curlen * 8;
+
+ // append the '1' bit
+ ctx->buf[ctx->curlen++] = 0x80;
+
+ /* if the length is currently above 112 bytes we append zeros
+ * then compress. Then we can fall back to padding zeros and length
+ * encoding like normal.
+ */
+ if (ctx->curlen > 112)
+ {
+ while (ctx->curlen < SHA512_BLOCK_SIZE) {
+ ctx->buf[ctx->curlen++] = 0;
+ }
+ sha512_compress(ctx, ctx->buf);
+ ctx->curlen = 0;
+ }
+
+ /* pad upto 120 bytes of zeroes
+ * note: that from 112 to 120 is the 64 MSB of the length. We assume that you won't hash
+ * > 2^64 bits of data... :-)
+ */
+ while (ctx->curlen < 120) {
+ ctx->buf[ctx->curlen++] = 0;
+ }
+ // store length
+ ((unsigned __int64*)ctx->buf)[15] = _byteswap_uint64(ctx->length);
+ sha512_compress(ctx, ctx->buf);
+
+ // copy output
+ for (i = 0; i < 8; i++) {
+ ((unsigned __int64*)out)[i] = _byteswap_uint64(ctx->hash[i]);
+ }
+}
diff --git a/Library/DiskCryptorLib/crypto/sha512_small.h b/Library/DiskCryptorLib/crypto/sha512_small.h
new file mode 100644
index 0000000..e09e391
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/sha512_small.h
@@ -0,0 +1,19 @@
+#ifndef _SHA512_SMALL_H_
+#define _SHA512_SMALL_H_
+
+typedef struct _sha512_ctx {
+ unsigned __int64 hash[8];
+ unsigned __int64 length;
+ unsigned long curlen;
+ unsigned char buf[128];
+
+} sha512_ctx;
+
+#define SHA512_DIGEST_SIZE 64
+#define SHA512_BLOCK_SIZE 128
+
+void sha512_init(sha512_ctx *ctx);
+void sha512_add(sha512_ctx *ctx, const unsigned char *in, unsigned long inlen);
+void sha512_done(sha512_ctx *ctx, unsigned char *out);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/twofish_small.c b/Library/DiskCryptorLib/crypto/twofish_small.c
new file mode 100644
index 0000000..fdd2b9f
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/twofish_small.c
@@ -0,0 +1,273 @@
+/*
+ *
+ * Copyright (c) 2010
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ * ntldr PGP key ID - 0xC48251EB4F8E4E6E
+ *
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 3 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+#include
+#include "twofish_small.h"
+
+/* the two polynomials */
+#define MDS_POLY 0x169
+#define RS_POLY 0x14D
+
+/* The 4x4 MDS Linear Transform */
+static const unsigned char MDS[4][4] = {
+ { 0x01, 0xEF, 0x5B, 0x5B },
+ { 0x5B, 0xEF, 0xEF, 0x01 },
+ { 0xEF, 0x5B, 0x01, 0xEF },
+ { 0xEF, 0x01, 0xEF, 0x5B }
+};
+
+/* The 4x8 RS Linear Transform */
+static const unsigned char RS[4][8] = {
+ { 0x01, 0xA4, 0x55, 0x87, 0x5A, 0x58, 0xDB, 0x9E },
+ { 0xA4, 0x56, 0x82, 0xF3, 0X1E, 0XC6, 0X68, 0XE5 },
+ { 0X02, 0XA1, 0XFC, 0XC1, 0X47, 0XAE, 0X3D, 0X19 },
+ { 0XA4, 0X55, 0X87, 0X5A, 0X58, 0XDB, 0X9E, 0X03 }
+};
+
+/* sbox usage orderings */
+static const unsigned char qord[4][5] = {
+ { 1, 1, 0, 0, 1 },
+ { 0, 1, 1, 0, 0 },
+ { 0, 0, 0, 1, 1 },
+ { 1, 0, 1, 1, 0 }
+};
+
+/* The Q-box tables */
+static const unsigned char qbox[2][4][16] = {
+{
+ { 0x8, 0x1, 0x7, 0xD, 0x6, 0xF, 0x3, 0x2, 0x0, 0xB, 0x5, 0x9, 0xE, 0xC, 0xA, 0x4 },
+ { 0xE, 0XC, 0XB, 0X8, 0X1, 0X2, 0X3, 0X5, 0XF, 0X4, 0XA, 0X6, 0X7, 0X0, 0X9, 0XD },
+ { 0XB, 0XA, 0X5, 0XE, 0X6, 0XD, 0X9, 0X0, 0XC, 0X8, 0XF, 0X3, 0X2, 0X4, 0X7, 0X1 },
+ { 0XD, 0X7, 0XF, 0X4, 0X1, 0X2, 0X6, 0XE, 0X9, 0XB, 0X3, 0X0, 0X8, 0X5, 0XC, 0XA }
+},
+{
+ { 0X2, 0X8, 0XB, 0XD, 0XF, 0X7, 0X6, 0XE, 0X3, 0X1, 0X9, 0X4, 0X0, 0XA, 0XC, 0X5 },
+ { 0X1, 0XE, 0X2, 0XB, 0X4, 0XC, 0X3, 0X7, 0X6, 0XD, 0XA, 0X5, 0XF, 0X9, 0X0, 0X8 },
+ { 0X4, 0XC, 0X7, 0X5, 0X1, 0X6, 0X9, 0XA, 0X0, 0XE, 0XD, 0X8, 0X2, 0XB, 0X3, 0XF },
+ { 0xB, 0X9, 0X5, 0X1, 0XC, 0X3, 0XD, 0XE, 0X6, 0X4, 0X7, 0XF, 0X2, 0X0, 0X8, 0XA }
+}
+};
+
+/* computes S_i[x] */
+static unsigned long sbox(int i, unsigned long x)
+{
+ unsigned char a0,b0,a1,b1,a2,b2,a3,b3,a4,b4,y;
+
+ /* a0,b0 = [x/16], x mod 16 */
+ a0 = (x>>4)&15;
+ b0 = (x)&15;
+ /* a1 = a0 ^ b0 */
+ a1 = a0 ^ b0;
+ /* b1 = a0 ^ ROR(b0, 1) ^ 8a0 */
+ b1 = (a0 ^ ((b0<<3)|(b0>>1)) ^ (a0<<3)) & 15;
+ /* a2,b2 = t0[a1], t1[b1] */
+ a2 = qbox[i][0][a1];
+ b2 = qbox[i][1][b1];
+ /* a3 = a2 ^ b2 */
+ a3 = a2 ^ b2;
+ /* b3 = a2 ^ ROR(b2, 1) ^ 8a2 */
+ b3 = (a2 ^ ((b2<<3)|(b2>>1)) ^ (a2<<3)) & 15;
+ /* a4,b4 = t2[a3], t3[b3] */
+ a4 = qbox[i][2][a3];
+ b4 = qbox[i][3][b3];
+ /* y = 16b4 + a4 */
+ y = (b4 << 4) + a4;
+ /* return result */
+ return y;
+}
+
+/* computes ab mod p */
+static unsigned long gf_mult(unsigned long a, unsigned long b, unsigned long p)
+{
+ unsigned long result = 0;
+
+ while (a) {
+ if (a & 1) result ^= b;
+ a >>= 1, b <<= 1;
+ if (b & 0x100) b ^= p;
+ }
+ return (unsigned char)result;
+}
+
+/* computes [y0 y1 y2 y3] = MDS . [x0] */
+static unsigned long mds_column_mult(unsigned char in, int col)
+{
+ return (gf_mult(in, MDS[0][col], MDS_POLY) << 0 ) | (gf_mult(in, MDS[1][col], MDS_POLY) << 8) |
+ (gf_mult(in, MDS[2][col], MDS_POLY) << 16) | (gf_mult(in, MDS[3][col], MDS_POLY) << 24);
+}
+
+/* computes h(x) */
+static void h_func(const unsigned char *in, unsigned char *out, unsigned char *M, int offset)
+{
+ int x, i;
+ unsigned char y[4];
+
+ y[0] = (unsigned char)(sbox(1, in[0]) ^ M[4 * (6 + offset) + 0]);
+ y[1] = (unsigned char)(sbox(0, in[1]) ^ M[4 * (6 + offset) + 1]);
+ y[2] = (unsigned char)(sbox(0, in[2]) ^ M[4 * (6 + offset) + 2]);
+ y[3] = (unsigned char)(sbox(1, in[3]) ^ M[4 * (6 + offset) + 3]);
+ y[0] = (unsigned char)(sbox(1, y[0]) ^ M[4 * (4 + offset) + 0]);
+ y[1] = (unsigned char)(sbox(1, y[1]) ^ M[4 * (4 + offset) + 1]);
+ y[2] = (unsigned char)(sbox(0, y[2]) ^ M[4 * (4 + offset) + 2]);
+ y[3] = (unsigned char)(sbox(0, y[3]) ^ M[4 * (4 + offset) + 3]);
+ y[0] = (unsigned char)(sbox(1, sbox(0, sbox(0, y[0]) ^ M[4 * (2 + offset) + 0]) ^ M[4 * (0 + offset) + 0]));
+ y[1] = (unsigned char)(sbox(0, sbox(0, sbox(1, y[1]) ^ M[4 * (2 + offset) + 1]) ^ M[4 * (0 + offset) + 1]));
+ y[2] = (unsigned char)(sbox(1, sbox(1, sbox(0, y[2]) ^ M[4 * (2 + offset) + 2]) ^ M[4 * (0 + offset) + 2]));
+ y[3] = (unsigned char)(sbox(0, sbox(1, sbox(1, y[3]) ^ M[4 * (2 + offset) + 3]) ^ M[4 * (0 + offset) + 3]));
+
+ /* Computes [y0 y1 y2 y3] = MDS . [x0 x1 x2 x3] */
+ for (x = 0; x < 4; x++)
+ {
+ for (out[x] = 0, i = 0; i < 4; i++) {
+ out[x] ^= gf_mult(y[i], MDS[x][i], MDS_POLY);
+ }
+ }
+}
+
+static unsigned long g_func(unsigned long x, twofish256_key *key)
+{
+ return key->S[0][(unsigned char)(x >> 0 )] ^ key->S[1][(unsigned char)(x >> 8 )] ^
+ key->S[2][(unsigned char)(x >> 16)] ^ key->S[3][(unsigned char)(x >> 24)];
+}
+
+void twofish256_set_key(const unsigned char *key, twofish256_key *skey)
+{
+ int g, z, i;
+ unsigned char S[4*4];
+ int x, y;
+ unsigned char tmp[4], tmp2[4], M[8*4];
+ unsigned long A, B;
+
+ /* copy the key into M */
+ __movsb(M, key, TWOFISH_KEY_SIZE);
+
+ /* create the S[..] words */
+ for (x = 0; x < 4; x++)
+ {
+ /* computes [y0 y1 y2 y3] = RS . [x0 x1 x2 x3 x4 x5 x6 x7] */
+ for (i = 0; i < 4; i++)
+ {
+ for ((S+(x*4))[i] = 0, y = 0; y < 8; y++) {
+ (S+(x*4))[i] ^= gf_mult((M+(x*8))[y], RS[i][y], RS_POLY);
+ }
+ }
+ }
+
+ /* make subkeys */
+ for (x = 0; x < 20; x++)
+ {
+ /* A = h(p * 2x, Me) */
+ __stosb(tmp, x+x, 4);
+ h_func(tmp, tmp2, M, 0);
+ A = ((unsigned long*)tmp2)[0];
+
+ /* B = ROL(h(p * (2x + 1), Mo), 8) */
+ memset(tmp, x+x+1, 4);
+ h_func(tmp, tmp2, M, 1);
+ B = _rotl(((unsigned long*)tmp2)[0], 8);
+
+ /* K[2i] = A + B */
+ skey->K[x+x] = A + B;
+
+ /* K[2i+1] = (A + 2B) <<< 9 */
+ skey->K[x+x+1] = _rotl(B + B + A, 9);
+ }
+
+ /* make the sboxes (large ram variant) */
+ for (y = 0; y < 4; y++)
+ {
+ for (x = 0; x < 256; x++)
+ {
+ z = 0;
+ /* do unkeyed substitution */
+ g = sbox(qord[y][z++], x);
+ /* first subkey */
+ i = 0;
+
+ /* do key mixing+sbox until z==5 */
+ while (z != 5) {
+ g = g ^ S[4*i++ + y];
+ g = sbox(qord[y][z++], g);
+ }
+ /* multiply g by a column of the MDS */
+ skey->S[y][x] = mds_column_mult((unsigned char)g, y);
+ }
+ }
+}
+
+void twofish256_encrypt(const unsigned char *in, unsigned char *out, twofish256_key *key)
+{
+ unsigned long t,t1,t2;
+ unsigned long v[4];
+ int i;
+
+ for (i = 0; i < 4; i++) {
+ v[i] = ((unsigned long*)in)[i] ^ key->K[i];
+ }
+ for (i = 0; i < 16; i++)
+ {
+ t1 = g_func(v[0], key);
+ t2 = g_func(_rotl(v[1], 8), key);
+ t2 += (t1 += t2);
+ t1 += key->K[i+i+8];
+ t2 += key->K[i+i+9];
+ v[2] ^= t1; v[2] = _rotr(v[2], 1);
+ v[3] = _rotl(v[3], 1) ^ t2;
+
+ t = v[0]; v[0] = v[2]; v[2] = t;
+ t = v[1]; v[1] = v[3]; v[3] = t;
+ }
+ /* output with "undo last swap" */
+ ((unsigned long*)out)[0] = v[2] ^ key->K[4];
+ ((unsigned long*)out)[1] = v[3] ^ key->K[5];
+ ((unsigned long*)out)[2] = v[0] ^ key->K[6];
+ ((unsigned long*)out)[3] = v[1] ^ key->K[7];
+}
+
+void twofish256_decrypt(const unsigned char *in, unsigned char *out, twofish256_key *key)
+{
+ unsigned long t,t1,t2;
+ unsigned long v[4];
+ int i;
+
+ /* load input and undo undo final swap */
+ v[0] = ((unsigned long*)in)[0] ^ key->K[4];
+ v[1] = ((unsigned long*)in)[1] ^ key->K[5];
+ v[2] = ((unsigned long*)in)[2] ^ key->K[6];
+ v[3] = ((unsigned long*)in)[3] ^ key->K[7];
+
+ for (i = 15; i >= 0; i--)
+ {
+ t1 = g_func(v[0], key);
+ t2 = g_func(_rotl(v[1], 8), key);
+ t2 += (t1 += t2);
+ t1 += key->K[i+i+8];
+ t2 += key->K[i+i+9];
+ v[2] = _rotl(v[2], 1) ^ t1;
+ v[3] = v[3] ^ t2; v[3] = _rotr(v[3], 1);
+
+ t = v[0]; v[0] = v[2]; v[2] = t;
+ t = v[1]; v[1] = v[3]; v[3] = t;
+ }
+ ((unsigned long*)out)[0] = v[2] ^ key->K[0];
+ ((unsigned long*)out)[1] = v[3] ^ key->K[1];
+ ((unsigned long*)out)[2] = v[0] ^ key->K[2];
+ ((unsigned long*)out)[3] = v[1] ^ key->K[3];
+}
+
diff --git a/Library/DiskCryptorLib/crypto/twofish_small.h b/Library/DiskCryptorLib/crypto/twofish_small.h
new file mode 100644
index 0000000..fc9283c
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/twofish_small.h
@@ -0,0 +1,15 @@
+#ifndef _TWOFISH_SMALL_H_
+#define _TWOFISH_SMALL_H_
+
+typedef struct _twofish256_key {
+ unsigned long S[4][256], K[40];
+} twofish256_key;
+
+#define TWOFISH_KEY_SIZE 32
+#define TWOFISH_BLOCK_SIZE 16
+
+void twofish256_set_key(const unsigned char *key, twofish256_key *skey);
+void twofish256_encrypt(const unsigned char *in, unsigned char *out, twofish256_key *key);
+void twofish256_decrypt(const unsigned char *in, unsigned char *out, twofish256_key *key);
+
+#endif
diff --git a/Library/DiskCryptorLib/crypto/xts_small.c b/Library/DiskCryptorLib/crypto/xts_small.c
new file mode 100644
index 0000000..0595bfc
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/xts_small.c
@@ -0,0 +1,192 @@
+/*
+ *
+ * Copyright (c) 2010-2013
+ * ntldr PGP key ID - 0xC48251EB4F8E4E6E
+ * based on rijndael-alg-fst.c
+ * @author Vincent Rijmen
+ * @author Antoon Bosselaers
+ * @author Paulo Barreto
+ * @author Serge Trusov
+ *
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License version 3 as
+ published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+*/
+#include "xts_small.h"
+
+typedef void (*set_key_p)(const unsigned char *key, void *skey);
+typedef void (*encrypt_p)(const unsigned char *in, unsigned char *out, void *key);
+
+typedef struct _cipher_desc {
+ set_key_p set_key;
+ encrypt_p encrypt;
+ encrypt_p decrypt;
+ int ctxsz;
+} cipher_desc;
+
+typedef __declspec(align(1)) union _m128 {
+ unsigned long v32[4];
+ unsigned __int64 v64[2];
+} m128;
+
+static cipher_desc aes256 = {
+ (set_key_p)aes256_set_key, (encrypt_p)aes256_encrypt, (encrypt_p)aes256_decrypt, sizeof(aes256_key)
+};
+
+#ifndef AES_ONLY
+static cipher_desc twofish256 = {
+ (set_key_p)twofish256_set_key, (encrypt_p)twofish256_encrypt, (encrypt_p)twofish256_decrypt, sizeof(twofish256_key)
+};
+static cipher_desc serpent256 = {
+ (set_key_p)serpent256_set_key, (encrypt_p)serpent256_encrypt, (encrypt_p)serpent256_decrypt, sizeof(serpent256_key)
+};
+
+static cipher_desc *algs[7][3] = {
+ { &aes256, },
+ { &twofish256, },
+ { &serpent256, },
+ { &twofish256, &aes256, },
+ { &serpent256, &twofish256, },
+ { &aes256, &serpent256, },
+ { &serpent256, &twofish256, &aes256 }
+};
+#endif
+
+static void xts_process(
+ const unsigned char *in, unsigned char *out, unsigned long len,
+ unsigned __int64 offset, encrypt_p crypt_p, encrypt_p tweak_p, void *crypt_k, void *tweak_k
+ )
+{
+ __declspec(align(16)) unsigned char tmp[XTS_BLOCK_SIZE];
+ __declspec(align(16)) m128 t, idx;
+ unsigned long i, cf;
+
+ idx.v64[0] = offset / XTS_SECTOR_SIZE;
+ idx.v64[1] = 0;
+
+ for (; len; len -= XTS_SECTOR_SIZE)
+ {
+//#ifdef _M_IX86
+// if (tweak_p == (encrypt_p)aes256_padlock_encrypt) {
+// aes256_padlock_rekey();
+// }
+//#endif
+ /* update tweak unit index */
+ idx.v64[0]++;
+ /* derive first tweak value */
+ tweak_p((unsigned char*)&idx, (unsigned char*)&t, tweak_k);
+//#ifdef _M_IX86
+// if (tweak_p == (encrypt_p)aes256_padlock_encrypt) {
+// aes256_padlock_rekey();
+// }
+//#endif
+ for (i = 0; i < XTS_BLOCKS_IN_SECTOR; i++)
+ {
+ ((unsigned __int64*)tmp)[0] = ((unsigned __int64*)in)[0] ^ t.v64[0];
+ ((unsigned __int64*)tmp)[1] = ((unsigned __int64*)in)[1] ^ t.v64[1];
+
+ crypt_p(tmp, tmp, crypt_k);
+
+ ((unsigned __int64*)out)[0] = ((unsigned __int64*)tmp)[0] ^ t.v64[0];
+ ((unsigned __int64*)out)[1] = ((unsigned __int64*)tmp)[1] ^ t.v64[1];
+
+ /* update pointers */
+ in += XTS_BLOCK_SIZE; out += XTS_BLOCK_SIZE;
+ /* derive next tweak value */
+ cf = (t.v32[3] >> 31) * 135;
+ t.v64[1] <<= 1;
+ t.v32[2] |= t.v32[1] >> 31;
+ t.v64[0] <<= 1;
+ t.v32[0] ^= cf;
+ }
+ }
+}
+
+#ifndef AES_ONLY
+
+void xts_set_key(const unsigned char *key, int alg, xts_key *skey)
+{
+ cipher_desc *p_alg;
+ unsigned char *p_ctx;
+ int i;
+
+ /* set encryption key */
+ for (i = 0, p_ctx = skey->crypt_k; (i < 3) && ((p_alg = algs[alg][i]) != 0); i++) {
+ p_alg->set_key(key, p_ctx); key += XTS_KEY_SIZE; p_ctx += p_alg->ctxsz;
+ }
+ /* set tweak key */
+ for (i = 0, p_ctx = skey->tweak_k; (i < 3) && ((p_alg = algs[alg][i]) != 0); i++) {
+ p_alg->set_key(key, p_ctx); key += XTS_KEY_SIZE; p_ctx += p_alg->ctxsz;
+ }
+ skey->algs = (void**)algs[alg];
+ skey->max = i-1;
+ skey->ctxsz = (unsigned long)(p_ctx - skey->tweak_k);
+}
+
+void xts_encrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key)
+{
+ cipher_desc *p_alg;
+ unsigned char *p_crypt_k = key->crypt_k;
+ unsigned char *p_tweak_k = key->tweak_k;
+ int i = 0;
+
+ do
+ {
+ p_alg = (cipher_desc*)(key->algs[i]);
+ xts_process(in, out, len, offset, p_alg->encrypt, p_alg->encrypt, p_crypt_k, p_tweak_k);
+ in = out; p_crypt_k += p_alg->ctxsz; p_tweak_k += p_alg->ctxsz;
+ } while (++i <= key->max);
+}
+
+void xts_decrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key)
+{
+ cipher_desc *p_alg;
+ unsigned char *p_crypt_k = key->crypt_k + key->ctxsz;
+ unsigned char *p_tweak_k = key->tweak_k + key->ctxsz;
+ int i = key->max;
+
+ do
+ {
+ p_alg = (cipher_desc*)(key->algs[i]); p_crypt_k -= p_alg->ctxsz; p_tweak_k -= p_alg->ctxsz;
+ xts_process(in, out, len, offset, p_alg->decrypt, p_alg->encrypt, p_crypt_k, p_tweak_k);
+ in = out;
+ } while (--i >= 0);
+}
+#else
+
+void xts_set_key(const unsigned char *key, int alg, xts_key *skey)
+{
+ aes256_set_key(key, (aes256_key*)&skey->crypt_k);
+ aes256_set_key(key + XTS_KEY_SIZE, (aes256_key*)&skey->tweak_k);
+}
+
+void xts_encrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key)
+{
+ xts_process(in, out, len, offset, aes256.encrypt, aes256.encrypt, &key->crypt_k, &key->tweak_k);
+}
+
+void xts_decrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key)
+{
+ xts_process(in, out, len, offset, aes256.decrypt, aes256.encrypt, &key->crypt_k, &key->tweak_k);
+}
+#endif
+
+void xts_init(int hw_crypt)
+{
+ aes256_gentab();
+//#ifdef _M_IX86
+// if ( (hw_crypt != 0) && (aes256_padlock_available() != 0) ) {
+// aes256.encrypt = (encrypt_p) aes256_padlock_encrypt;
+// aes256.decrypt = (encrypt_p) aes256_padlock_decrypt;
+// }
+//#endif
+}
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/crypto/xts_small.h b/Library/DiskCryptorLib/crypto/xts_small.h
new file mode 100644
index 0000000..c426dd0
--- /dev/null
+++ b/Library/DiskCryptorLib/crypto/xts_small.h
@@ -0,0 +1,58 @@
+#ifndef _XTS_SMALL_H_
+#define _XTS_SMALL_H_
+
+#include "aes_small.h"
+#ifndef AES_ONLY
+ #include "twofish_small.h"
+ #include "serpent_small.h"
+#endif
+
+#ifndef AES_ONLY
+ #define CF_AES 0
+ #define CF_TWOFISH 1
+ #define CF_SERPENT 2
+ #define CF_AES_TWOFISH 3
+ #define CF_TWOFISH_SERPENT 4
+ #define CF_SERPENT_AES 5
+ #define CF_AES_TWOFISH_SERPENT 6
+ #define CF_CIPHERS_NUM 7
+#else
+ #define CF_AES 0
+ #define CF_CIPHERS_NUM 1
+#endif
+
+#define XTS_SECTOR_SIZE 512
+#define XTS_BLOCK_SIZE 16
+#define XTS_BLOCKS_IN_SECTOR (XTS_SECTOR_SIZE / XTS_BLOCK_SIZE)
+#define XTS_KEY_SIZE 32
+
+#ifdef AES_ONLY
+ #define MAX_CIPHER_KEY (sizeof(aes256_key))
+ #define XTS_FULL_KEY (XTS_KEY_SIZE*2)
+#else
+ #define MAX_CIPHER_KEY (sizeof(aes256_key) + sizeof(twofish256_key) + sizeof(serpent256_key))
+ #define XTS_FULL_KEY (XTS_KEY_SIZE*3*2)
+#endif
+
+#pragma warning(disable:4324)
+typedef __declspec(align(16)) struct _xts_key {
+ unsigned char crypt_k[MAX_CIPHER_KEY];
+ unsigned char tweak_k[MAX_CIPHER_KEY];
+#ifndef AES_ONLY
+ void **algs;
+ int max;
+ unsigned long ctxsz;
+#endif
+} xts_key;
+#pragma warning(default:4324)
+
+void xts_set_key(const unsigned char *key, int alg, xts_key *skey);
+void xts_encrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key);
+void xts_decrypt(const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key);
+void xts_init(int hw_crypt);
+
+typedef void (*xts_setkey_proc)(const unsigned char *key, int alg, xts_key *skey);
+typedef void (*xts_crypt_proc) (const unsigned char *in, unsigned char *out, unsigned long len, unsigned __int64 offset, xts_key *key);
+typedef void (*xts_init_proc) (int hw_crypt);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/dc_header.c b/Library/DiskCryptorLib/dc_header.c
new file mode 100644
index 0000000..212222c
--- /dev/null
+++ b/Library/DiskCryptorLib/dc_header.c
@@ -0,0 +1,38 @@
+#include "include\defines.h"
+#include "include\boot\dc_header.h"
+#include "crypto\sha512_pkcs5_2_small.h"
+#include "include\boot\boot.h"
+
+int dc_decrypt_header(dc_header *header, dc_pass *password)
+{
+ u8 dk[DISKKEY_SIZE];
+ int i, succs = 0;
+ xts_key hdr_key;
+ dc_header hcopy;
+
+ sha512_pkcs5_2(
+ 1000, password->pass, password->size,
+ header->salt, PKCS5_SALT_SIZE, dk, PKCS_DERIVE_MAX);
+
+ for (i = 0; i < CF_CIPHERS_NUM; i++)
+ {
+ xts_set_key(dk, i, &hdr_key);
+
+ xts_decrypt(pv(header), pv(&hcopy), sizeof(dc_header), 0, &hdr_key);
+
+ /* Magic 'DCRP' */
+ if (hcopy.sign != DC_VOLM_SIGN) {
+ continue;
+ }
+ /* copy decrypted part to output */
+ autocpy(&header->sign, &hcopy.sign, DC_ENCRYPTEDDATASIZE);
+ succs = 1; break;
+ }
+
+ /* prevent leaks */
+ zeroauto(dk, sizeof(dk));
+ zeroauto(&hdr_key, sizeof(xts_key));
+ zeroauto(&hcopy, sizeof(dc_header));
+
+ return succs;
+}
diff --git a/Library/DiskCryptorLib/dc_io.c b/Library/DiskCryptorLib/dc_io.c
new file mode 100644
index 0000000..93e7887
--- /dev/null
+++ b/Library/DiskCryptorLib/dc_io.c
@@ -0,0 +1,172 @@
+#include "include\defines.h"
+#include "include\boot\boot.h"
+#include "include\boot\bios.h"
+#include "include\boot\boot_hook.h"
+#include "crypto\xts_small.h"
+#include "include\boot\hdd_io.h"
+
+static u16 intersect(u64 *i_st, u64 start1, u32 size1, u64 start2, u64 size2)
+{
+ u64 end, i;
+ end = min(start1 + size1, start2 + size2);
+ *i_st = i = max(start1, start2);
+ return d16((i < end) ? end - i : 0);
+}
+
+static boot_key *last_k;
+static xts_key benc_k;
+
+static
+int dc_crypt_io(mount_inf *mount, u8 *buff, u16 sectors, u64 start, int read, boot_key *key)
+{
+ int succs;
+
+ if (key != last_k) {
+ xts_set_key(key->key, key->alg, &benc_k); last_k = key;
+ }
+ if (read != 0)
+ {
+ succs = hdd_io(mount->hdd_n, buff, sectors, mount->begin + start, 1);
+
+ if (succs != 0) {
+ xts_decrypt(buff, buff, (sectors << SECT_SHIFT), (start << SECT_SHIFT), &benc_k);
+ }
+ } else
+ {
+ /* encrypt buffer */
+ xts_encrypt(buff, buff, (sectors << SECT_SHIFT), (start << SECT_SHIFT), &benc_k);
+
+ /* write buffer to disk */
+ succs = hdd_io(mount->hdd_n, buff, sectors, mount->begin + start, 0);
+
+ /* decrypt buffer to save original data */
+ xts_decrypt(buff, buff, (sectors << SECT_SHIFT), (start << SECT_SHIFT), &benc_k);
+ }
+ return succs;
+}
+
+static int dc_mount_io(mount_inf *mount, u8 *buff, u16 sectors, u64 start, int read)
+{
+ u64 o1, o2, o3;
+ u16 s1, s2, s3;
+ u8 *p2, *p3;
+ int res;
+
+ s1 = intersect(&o1, start, sectors, 0, DC_AREA_SECTORS);
+
+ if (mount->flags & VF_TMP_MODE) {
+ s2 = intersect(&o2, start, sectors, DC_AREA_SECTORS, (mount->tmp_size - DC_AREA_SECTORS));
+ s3 = intersect(&o3, start, sectors, mount->tmp_size, mount->size);
+ } else {
+ s2 = intersect(&o2, start, sectors, DC_AREA_SECTORS, mount->size);
+ s3 = 0;
+ }
+ p2 = buff + (s1 * SECTOR_SIZE);
+ p3 = p2 + (s2 * SECTOR_SIZE);
+
+ /*
+ normal mode:
+ o1:s1 - redirected part
+ o2:s2 - encrypted part
+ o3:s3 - unencrypted part
+ reencrypt mode:
+ o1:s1 - redirected part
+ o2:s2 - key_1 encrypted part
+ o3:s3 - key_2 encrypted part
+ */
+ do
+ {
+ if (s1 != 0)
+ {
+ if ( (res = dc_mount_io(mount, buff, s1, mount->stor_off + o1, read)) == 0 ) {
+ break;
+ }
+ }
+ if (s2 != 0)
+ {
+ if ( (res = dc_crypt_io(mount, p2, s2, o2, read, mount->d_key)) == 0 ) {
+ break;
+ }
+ }
+ if (s3 != 0)
+ {
+ if (mount->flags & VF_REENCRYPT) {
+ res = dc_crypt_io(mount, p3, s3, o3, read, mount->o_key);
+ } else {
+ res = hdd_io(mount->hdd_n, p3, s3, mount->begin + o3, read);
+ }
+ }
+ } while (0);
+
+ return res;
+}
+
+int dc_disk_io(int hdd_n, void *buff, u16 sectors, u64 start, int read)
+{
+ mount_inf *mount;
+ u8 old[512];
+ u16 ov_size;
+ int saved = 0;
+ int res = 0;
+ int found = 0;
+ int i;
+
+ for (i = 0; i < iodb.n_mount; i++)
+ {
+ if ((mount = &iodb.p_mount[i])->hdd_n != hdd_n) {
+ continue;
+ }
+
+ /* overlapped partition start IO */
+ if ( (start < mount->begin) && (start + sectors > mount->begin) )
+ {
+ ov_size = d16(mount->begin - start);
+
+ res = dc_disk_io(hdd_n, buff, ov_size, start, read) &&
+ dc_disk_io(hdd_n, p8(buff) + ov_size * 512, sectors - ov_size, mount->begin, read);
+
+ found = 1; break;
+ } else
+
+ /* overlapped partition end IO */
+ if ( (start < mount->end) && (start + sectors > mount->end) )
+ {
+ ov_size = d16(mount->end - start);
+
+ res = dc_disk_io(hdd_n, buff, ov_size, start, read) &&
+ dc_disk_io(hdd_n, p8(buff) + ov_size * 512, sectors - ov_size, mount->end, read);
+
+ found = 1; break;
+ } else
+
+ /* normal partition IO */
+ if ( (start >= mount->begin) && (start + sectors < mount->end) )
+ {
+ res = dc_mount_io(mount, buff, sectors, start - mount->begin, read);
+ found = 1; break;
+ }
+ }
+
+ if (found == 0)
+ {
+ /* emulate write to MBR */
+ if ( !(iodb.options & OP_EXTERNAL) && (hdd_n == iodb.ldr_dsk) &&
+ (start == 0) && (read == 0) )
+ {
+ /* save old buffer */
+ autocpy(old, buff, SECTOR_SIZE);
+ /* read my MBR */
+ hdd_io(hdd_n, buff, 1, 0, 1);
+ /* copy partition table to MBR */
+ autocpy(p8(buff) + 432, old + 432, 80);
+ saved = 1;
+ }
+ res = hdd_io(hdd_n, buff, sectors, start, read);
+
+ if (saved != 0) {
+ /* restore old buffer */
+ autocpy(buff, old, SECTOR_SIZE);
+ }
+ }
+ return res;
+}
diff --git a/Library/DiskCryptorLib/include/boot/bios.h b/Library/DiskCryptorLib/include/boot/bios.h
new file mode 100644
index 0000000..2db08bd
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/bios.h
@@ -0,0 +1,132 @@
+#ifndef _BIOS_
+#define _BIOS_
+
+#include "e820.h"
+
+#pragma pack (push, 1)
+
+#pragma warning(disable:4201)
+typedef struct _rm_ctx {
+ union
+ {
+ u32 eax;
+ union
+ {
+ u16 ax;
+ struct {
+ u8 al;
+ u8 ah;
+ };
+ };
+ };
+ union
+ {
+ u32 ecx;
+ union
+ {
+ u16 cx;
+ struct {
+ u8 cl;
+ u8 ch;
+ };
+ };
+ };
+
+ union
+ {
+ u32 edx;
+ union
+ {
+ u16 dx;
+ struct {
+ u8 dl;
+ u8 dh;
+ };
+ };
+ };
+
+ union
+ {
+ u32 ebx;
+ union
+ {
+ u16 bx;
+ struct {
+ u8 bl;
+ u8 bh;
+ };
+ };
+ };
+
+ union {
+ u32 ebp;
+ u16 bp;
+ };
+
+ union {
+ u32 esi;
+ u16 si;
+ };
+
+ union {
+ u32 edi;
+ u16 di;
+ };
+
+ u32 efl;
+ u16 ds;
+ u16 es;
+
+} rm_ctx;
+#pragma warning(default:4201)
+
+#define BDB_SIGN1 0x01F53F55
+#define BDB_SIGN2 0x9E4361E4
+
+typedef struct _bd_data {
+ u32 sign1; /* 0x01F53F55 */
+ u32 sign2; /* 0x9E4361E4 */
+ u32 bd_base; /* boot data block base */
+ u32 bd_size; /* boot data block size (including stack) */
+ dc_pass password; /* bootauth password */
+ u32 old_int15; /* old int15 handler */
+ u32 old_int13; /* old int13 handler */
+
+#if !defined(_UEFI)
+ /* volatile data */
+ u32 ret_32; /* return address for RM <-> PM jump */
+ u32 esp_16; /* real mode stack */
+ u16 ss_16; /* real mode ss */
+ u32 esp_32; /* pmode stack */
+ u32 segoff; /* real mode call seg/off */
+ void (*jump_rm)(); /* real mode jump proc */
+ void (*call_rm)(); /* real mode call proc */
+ void (*hook_ints)(); /* hook interrupts proc */
+ void *int_cbk; /* protected mode callback */
+ u8 boot_dsk; /* boot disk number */
+ rm_ctx rmc; /* real mode call context */
+ u16 push_fl; /* flags pushed to stack */
+ e820map mem_map; /* new memory map */
+#endif
+} bd_data;
+
+#pragma pack (pop)
+
+#define FL_CF 0x0001 // Carry Flag
+#define FL_RESV1 0x0002 // Reserved - Must be 1
+#define FL_PF 0x0004 // Parity Flag
+#define FL_RESV2 0x0008 // Reserved - Must be 0
+#define FL_AF 0x0010 // Auxiliary Flag
+#define FL_RESV3 0x0020 // Reserved - Must be 0
+#define FL_ZF 0x0040 // Zero Flag
+#define FL_SF 0x0080 // Sign Flag
+#define FL_TF 0x0100 // Trap Flag (Single Step)
+#define FL_IF 0x0200 // Interrupt Flag
+#define FL_DF 0x0400 // Direction Flag
+#define FL_OF 0x0800 // Overflow Flag
+
+#define pm_off(seg,off) pv((d32(seg) << 4) + d32(off))
+#define rm_seg(off) d16(d32(off) >> 4)
+#define rm_off(off) d16(d32(off) & 0x0F)
+
+#endif
diff --git a/Library/DiskCryptorLib/include/boot/boot.h b/Library/DiskCryptorLib/include/boot/boot.h
new file mode 100644
index 0000000..5a8a48f
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/boot.h
@@ -0,0 +1,86 @@
+#ifndef _BOOT_
+#define _BOOT_
+
+#include "../defines.h"
+#include "../volume.h"
+#include "bios.h"
+
+#define MAX_MOUNT 8
+
+#define LT_GET_PASS 1 /* entering password needed */
+#define LT_EMBED_KEY 2 /* use embedded key */
+#define LT_MESSAGE 4 /* display enter password message */
+#define LT_DSP_PASS 8 /* display '*' */
+
+#define ET_MESSAGE 1 /* display error message */
+#define ET_REBOOT 2 /* reboot after 1 second */
+#define ET_BOOT_ACTIVE 4 /* boot from active partition */
+#define ET_EXIT_TO_BIOS 8 /* exit to bios */
+#define ET_RETRY 16 /* retry authentication again */
+#define ET_MBR_BOOT 32 /* load boot disk MBR */
+
+#define BT_MBR_BOOT 1 /* load boot disk MBR */
+#define BT_MBR_FIRST 2 /* load first disk MBR */
+#define BT_ACTIVE 3 /* boot from active partition on boot disk */
+#define BT_AP_PASSWORD 4 /* boot from first partition with appropriate password */
+#define BT_DISK_ID 5 /* find partition by disk_id */
+
+#define KB_QWERTY 0 /* QWERTY keyboard layout */
+#define KB_QWERTZ 1 /* QWERTZ keyboard layout */
+#define KB_AZERTY 2 /* AZERTY keyboard layout */
+
+#define OP_EXTERNAL 0x01 /* this option indicate external bootloader usage */
+#define OP_EPS_TMO 0x02 /* set time limit for password entering */
+#define OP_TMO_STOP 0x04 /* cancel timeout if any key pressed */
+#define OP_NOPASS_ERROR 0x08 /* use incorrect password action if no password entered */
+#define OP_HW_CRYPTO 0x10 /* use hardware cryptography when possible */
+#define OP_SMALL_BOOT 0x20 /* this is a small (aes only) bootloader */
+
+#pragma pack (push, 1)
+
+#define CFG_SIGN1 0x1434A669
+#define CFG_SIGN2 0x7269DA46
+
+typedef struct _ldr_config {
+ u32 sign1;
+ u32 sign2;
+ u32 ldr_ver;
+ u8 logon_type;
+ u8 error_type;
+ u8 boot_type;
+ u32 disk_id;
+ u16 options;
+ u8 kbd_layout;
+ char eps_msg[128];
+ char err_msg[128];
+ u8 save_mbr[512];
+ u32 timeout; /* time limit for password entering */
+ u8 emb_key[64];
+
+} ldr_config;
+
+typedef struct _pt_ent {
+ u8 active;
+ u8 start_head;
+ u16 start_cyl;
+ u8 os;
+ u8 end_head;
+ u16 end_cyl;
+ u32 start_sect;
+ u32 prt_size;
+
+} pt_ent;
+
+typedef struct _lba_p {
+ u8 size;
+ u8 unk;
+ u16 numb;
+ u16 dst_off;
+ u16 dst_sel;
+ u64 sector;
+
+} lba_p;
+
+#pragma pack (pop)
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/boot/boot_hook.h b/Library/DiskCryptorLib/include/boot/boot_hook.h
new file mode 100644
index 0000000..c2f4efb
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/boot_hook.h
@@ -0,0 +1,48 @@
+#ifndef _BOOT_HOOK_H_
+#define _BOOT_HOOK_H_
+
+#include "hdd.h"
+
+typedef void (*set_ctx_proc)(u16 ax, rm_ctx *ctx);
+typedef int (*bios_call_proc)(int num, rm_ctx *ctx);
+
+void set_ctx(u16 ax, rm_ctx *ctx);
+int bios_call(int num, rm_ctx *ctx);
+
+typedef struct _boot_key {
+ u8 key[PKCS_DERIVE_MAX]; /* RAW key data */
+ u8 alg; /* cipher id */
+} boot_key;
+
+typedef struct _mount_inf {
+ u8 hdd_n;
+ boot_key *d_key;
+ boot_key *o_key;
+ u64 begin;
+ u64 end;
+ u64 size;
+ u32 flags;
+ u64 tmp_size;
+ u64 stor_off;
+ u32 disk_id;
+
+} mount_inf;
+
+#define MOUNT_MAX 8
+#define KEY_MAX 8
+
+typedef struct _io_db {
+ //hdd_inf p_hdd[HDD_MAX];
+ //u8 n_hdd;
+ mount_inf p_mount[MOUNT_MAX];
+ u8 n_mount;
+ boot_key p_key[KEY_MAX];
+ u8 n_key;
+ u16 options;
+ int ldr_dsk;
+
+} io_db;
+
+extern io_db iodb;
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/boot/dc_header.h b/Library/DiskCryptorLib/include/boot/dc_header.h
new file mode 100644
index 0000000..cefb392
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/dc_header.h
@@ -0,0 +1,9 @@
+#ifndef _DC_HEADER_H_
+#define _DC_HEADER_H_
+
+#include "..\volume.h"
+#include "..\..\crypto\xts_small.h"
+
+int dc_decrypt_header(dc_header *header, dc_pass *password);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/boot/dc_io.h b/Library/DiskCryptorLib/include/boot/dc_io.h
new file mode 100644
index 0000000..e7e3db1
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/dc_io.h
@@ -0,0 +1,6 @@
+#ifndef _DC_IO_H_
+#define _DC_IO_H_
+
+int dc_disk_io(int hdd_n, void *buff, u16 sectors, u64 start, int read);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/boot/e820.h b/Library/DiskCryptorLib/include/boot/e820.h
new file mode 100644
index 0000000..2e40ce2
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/e820.h
@@ -0,0 +1,26 @@
+#ifndef _E820_
+#define _E820_
+
+#define E820MAX 64 /* number of entries in E820MAP */
+
+#define E820_RAM 1
+#define E820_RESERVED 2
+#define E820_ACPI 3
+#define E820_NVS 4
+
+#pragma pack (push, 1)
+
+typedef struct _e820entry {
+ u64 base;
+ u64 size;
+ u32 type;
+} e820entry;
+
+typedef struct _e820map {
+ int n_map;
+ e820entry map[E820MAX];
+} e820map;
+
+#pragma pack (pop)
+
+#endif
diff --git a/Library/DiskCryptorLib/include/boot/hdd.h b/Library/DiskCryptorLib/include/boot/hdd.h
new file mode 100644
index 0000000..95f75f6
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/hdd.h
@@ -0,0 +1,36 @@
+#ifndef _HDD_
+#define _HDD_
+
+#pragma pack (push, 1)
+
+typedef struct _hdd_inf {
+ u8 flags;
+ u8 max_head;
+ u8 max_sect;
+
+} hdd_inf;
+
+#define HDD_OK 0x01
+#define HDD_LBA 0x02
+
+typedef struct _partition {
+ u8 hdd_n; /* HDD number */
+ u8 flags; /* partition flags */
+ u64 begin; /* partition offset */
+ u64 size; /* partition length */
+
+} partition;
+
+#define PT_ACTIVE 0x01
+#define PT_EXTENDED 0x02
+
+#pragma pack (pop)
+
+#define SECT_SHIFT 9
+#define HDD_MAX 16 /* maximum number of HDD's */
+#define PART_MAX 64 /* maximum number of partitions */
+
+#define dos2hdd(_x) ((((_x) >= 0x80) && ((_x) <= 0x8F)) ? (_x) - 0x80 : -1)
+#define hdd2dos(_x) ( (_x) + 0x80 )
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/boot/hdd_io.h b/Library/DiskCryptorLib/include/boot/hdd_io.h
new file mode 100644
index 0000000..4065836
--- /dev/null
+++ b/Library/DiskCryptorLib/include/boot/hdd_io.h
@@ -0,0 +1,10 @@
+#ifndef _HDD_IO_H_
+#define _HDD_IO_H_
+
+#include "hdd.h"
+
+typedef int (*phddio)(int hdd_n, void *buff, u16 sectors, u64 start, int read);
+
+int hdd_io(int hdd_n, void *buff, u16 sectors, u64 start, int read);
+
+#endif
\ No newline at end of file
diff --git a/Library/DiskCryptorLib/include/defines.h b/Library/DiskCryptorLib/include/defines.h
new file mode 100644
index 0000000..de130c5
--- /dev/null
+++ b/Library/DiskCryptorLib/include/defines.h
@@ -0,0 +1,165 @@
+#ifndef _DEFINES_H_
+#define _DEFINES_H_
+
+#ifdef IS_DRIVER
+ #include
+#endif
+
+#ifdef _UEFI
+ #include
+#endif
+
+#if !defined(IS_DRIVER) && !defined(BOOT_LDR) && !defined(_UEFI)
+ #include
+ #include
+#endif
+
+#ifndef _WCHAR_T_DEFINED
+ typedef short wchar_t;
+#endif
+
+typedef unsigned __int64 u64;
+typedef unsigned long u32;
+typedef unsigned short u16;
+typedef unsigned char u8;
+
+typedef __int64 s64;
+typedef long s32;
+typedef short s16;
+typedef char s8;
+
+#ifndef size_t
+#define size_t UINTN
+#endif
+
+#define d8(_x) ((u8)(_x))
+#define d16(_x) ((u16)(_x))
+#define d32(_x) ((u32)(_x))
+#define d64(_x) ((u64)(_x))
+#define dSZ(_x) ((size_t)(_x))
+
+typedef void (*callback)(void*);
+typedef void (*callback_ex)(void*,void*);
+
+#define BE16(x) _byteswap_ushort(x)
+#define BE32(x) _byteswap_ulong(x)
+#define BE64(x) _byteswap_uint64(x)
+
+#define ROR64(x,y) (_rotr64((x),(y)))
+#define ROL64(x,y) (_rotl64((x),(y)))
+#define ROL32(x,y) (_rotl((x), (y)))
+#define ROR32(x,y) (_rotr((x), (y)))
+#define bsf(x,y) (_BitScanForward((x),(y)))
+#define bsr(x,y) (_BitScanReverse((x),(y)))
+
+#define align16 __declspec(align(16))
+#define naked __declspec(naked)
+
+#define p8(_x) ((u8*)(_x))
+#define p16(_x) ((u16*)(_x))
+#define p32(_x) ((u32*)(_x))
+#define p64(_x) ((u64*)(_x))
+#define pv(_x) ((void*)(_x))
+#define ppv(_x) ((void**)(_x))
+
+#define in_reg(a,base,size) ( (a >= base) && (a < base+size) )
+#define is_intersect(start1, size1, start2, size2) ( max(start1, start2) < min(start1 + size1, start2 + size2) )
+#define addof(a,o) ( pv(p8(a)+o) )
+#define offsetof(type,field) ( d32(&(((type *)0)->field)) )
+
+#ifdef BOOT_LDR
+ #pragma warning(disable:4142)
+ typedef unsigned long size_t;
+ #pragma warning(default:4142)
+#endif
+
+#ifndef max
+ #define max(a,b) (((a) > (b)) ? (a) : (b))
+#endif
+
+#ifndef min
+ #define min(a,b) (((a) < (b)) ? (a) : (b))
+#endif
+
+#ifndef _align
+ #define _align(size, align) (((size) + ((align) - 1)) & ~((align) - 1))
+#endif
+
+#ifndef PAGE_SIZE
+ #define PAGE_SIZE 0x1000
+#endif
+
+#ifndef bittest
+#ifdef _M_IX86
+ #define bittest(a,b) ( _bittest(p32(&a),b) )
+#else
+ #define bittest(a,b) ( sizeof(a) == sizeof(u32) ? _bittest(p32(&a),b):_bittest64(p64(&a),b) )
+#endif /* _M_IX86 */
+#endif /* bittest */
+
+#ifndef NULL
+ #define NULL pv(0)
+#endif
+
+#ifndef MAX_PATH
+ #define MAX_PATH 260
+#endif
+
+#define sizeof_w(x) ( sizeof(x) / sizeof(wchar_t) ) /* return number of wide characters in array */
+#define array_num(x) ( sizeof(x) / sizeof((x)[0]) ) /* return number of elements in array */
+
+#define zeromem(m,s) memset(m, 0, s)
+
+/* size optimized intrinsics */
+#define mincpy(a,b,c) __movsb(pv(a), pv(b), (size_t)(c))
+#define memset(a,b,c) __stosb(pv(a), (char)(b), (size_t)(c))
+
+/* zeromem for 4byte aligned blocks */
+#define zerofast(m,s) __stosd(pv(m),0,(size_t)(s) / 4)
+
+/* fast intrinsics for memory copying and zeroing */
+#ifdef _M_IX86
+ #define fastcpy(a,b,c) __movsd(pv(a), pv(b), (size_t)(c) / 4)
+
+ #define autocpy(a,b,c) { \
+ if (!((c) % 4)) { __movsd(pv(a), pv(b), (size_t)(c) / 4); } else \
+ if (!((c) % 2)) { __movsw(pv(a), pv(b), (size_t)(c) / 2); } else \
+ { __movsb(pv(a), pv(b), (size_t)(c)); } }
+
+ #define zeroauto(m,s) { \
+ if (!((s) % 4)) { __stosd(pv(m), 0, (size_t)(s) / 4); } else \
+ if (!((s) % 2)) { __stosw(pv(m), 0, (size_t)(s) / 2); } else \
+ { __stosb(pv(m), 0, (size_t)(s)); } }
+
+ #define _disable() { __asm { cli }; }
+ #define _enable() { __asm { sti }; }
+#else
+ #define fastcpy(a,b,c) __movsq(pv(a), pv(b), (size_t)(c) / 8)
+
+ #define autocpy(a,b,c) { \
+ if (!((c) % 8)) { __movsq(pv(a), pv(b), (size_t)(c) / 8); } else \
+ if (!((c) % 4)) { __movsd(pv(a), pv(b), (size_t)(c) / 4); } else \
+ if (!((c) % 2)) { __movsw(pv(a), pv(b), (size_t)(c) / 2); } else \
+ { __movsb(pv(a), pv(b), (size_t)(c)); } }
+
+ #define zeroauto(m,s) { \
+ if (!((s) % 8)) { __stosq(pv(m), 0, (size_t)(s) / 8); } else \
+ if (!((s) % 4)) { __stosd(pv(m), 0, (size_t)(s) / 4); } else \
+ if (!((s) % 2)) { __stosw(pv(m), 0, (size_t)(s) / 2); } else \
+ { __stosb(pv(m), 0, (size_t)(s)); } }
+#endif
+
+#define lock_inc(_x) ( _InterlockedIncrement(_x) )
+#define lock_dec(_x) ( _InterlockedDecrement(_x) )
+#define lock_xchg(_p, _v) ( _InterlockedExchange(_p, _v) )
+#define lock_xchg_add(_p, _v) ( _InterlockedExchangeAdd(_p, _v) )
+
+#ifndef _UEFI
+#pragma warning(disable:4995)
+#pragma intrinsic(memcpy,memset,memcmp)
+#pragma intrinsic(strcpy,strcmp,strlen)
+#pragma intrinsic(strcat)
+#pragma warning(default:4995)
+#endif
+
+#endif
diff --git a/Library/DiskCryptorLib/include/volume.h b/Library/DiskCryptorLib/include/volume.h
new file mode 100644
index 0000000..56ee03e
--- /dev/null
+++ b/Library/DiskCryptorLib/include/volume.h
@@ -0,0 +1,83 @@
+#ifndef _VOLUME_H_
+#define _VOLUME_H_
+
+#include "defines.h"
+
+#define DC_VOLM_SIGN 0x50524344
+
+// Header key derivation
+#define PKCS5_SALT_SIZE 64
+
+// Master key + secondary key (LRW mode)
+#define DISKKEY_SIZE 256
+#define MAX_KEY_SIZE (32*3)
+#define PKCS_DERIVE_MAX (MAX_KEY_SIZE*2)
+
+#define SECTOR_SIZE 512
+#define MAX_SECTOR_SIZE 2048
+#define CD_SECTOR_SIZE 2048
+
+#define MIN_PASSWORD 1 // Minimum password length
+#define MAX_PASSWORD 128 // Maximum password length
+
+#define DC_HDR_VERSION 1
+
+#define VF_NONE 0x00
+#define VF_TMP_MODE 0x01 /* temporary encryption mode */
+#define VF_REENCRYPT 0x02 /* volume re-encryption in progress */
+#define VF_STORAGE_FILE 0x04 /* redirected area are placed in file */
+#define VF_NO_REDIR 0x08 /* redirection area is not present */
+#define VF_EXTENDED 0x10 /* this volume placed on extended partition */
+
+#define ENC_BLOCK_SIZE (1280 * 1024)
+
+#pragma pack (push, 1)
+
+typedef struct _dc_pass {
+ int size; // in bytes
+ wchar_t pass[MAX_PASSWORD];
+} dc_pass;
+
+typedef struct _dc_header {
+ u8 salt[PKCS5_SALT_SIZE]; /* pkcs5.2 salt */
+ u32 sign; /* signature 'DCRP' */
+ u32 hdr_crc; /* crc32 of decrypted volume header */
+ u16 version; /* volume format version */
+ u32 flags; /* volume flags */
+ u32 disk_id; /* unigue volume identifier */
+ int alg_1; /* crypt algo 1 */
+ u8 key_1[DISKKEY_SIZE]; /* crypt key 1 */
+ int alg_2; /* crypt algo 2 */
+ u8 key_2[DISKKEY_SIZE]; /* crypt key 2 */
+
+#pragma warning(disable:4201)
+ union {
+ u64 stor_off; /* redirection area offset */
+ u64 data_off; /* volume data offset, if redirection area is not used */
+ };
+#pragma warning(default:4201)
+ u64 use_size; /* user available volume size */
+ u64 tmp_size; /* temporary part size */
+ u8 tmp_wp_mode; /* data wipe mode */
+
+ u8 reserved[1422 - 1];
+
+} dc_header;
+
+#define IS_INVALID_VOL_FLAGS(_f) ( ((_f) & VF_NO_REDIR) && \
+ ((_f) & (VF_TMP_MODE | VF_REENCRYPT | VF_STORAGE_FILE)) )
+
+#define IS_INVALID_SECTOR_SIZE(_s) ( ((_s) % SECTOR_SIZE) || \
+ ((_s) > MAX_SECTOR_SIZE) || (sizeof(dc_header) % (_s)) )
+
+
+#define DC_AREA_SIZE (2 * 1024)
+#define DC_AREA_SECTORS (DC_AREA_SIZE / SECTOR_SIZE)
+#define DC_ENCRYPTEDDATASIZE (DC_AREA_SIZE - PKCS5_SALT_SIZE)
+#define DC_CRC_AREA_SIZE (DC_ENCRYPTEDDATASIZE - 8)
+
+
+#pragma pack (pop)
+
+
+#endif
\ No newline at end of file
diff --git a/Library/GraphLib/EfiGraph.c b/Library/GraphLib/EfiGraph.c
index 3e90646..78c68b7 100644
--- a/Library/GraphLib/EfiGraph.c
+++ b/Library/GraphLib/EfiGraph.c
@@ -381,12 +381,13 @@ BltText(
IN INT32 x,
IN INT32 y,
IN INT32 scale, // 0..256 reduce 256... enlarge
- IN CONST CHAR8 *text)
+ IN CONST VOID *text,
+ IN BOOLEAN wide)
{
INT32 posX = x;
INT32 posY = y;
const char *c;
- for (c = text; *c; ++c)
+ for (c = text; *c; c += (wide ? 2 : 1))
{
INT8 ch = *c;
if (ch >= 32 && ch <= 126) {
diff --git a/Library/GraphLib/GraphLib.vcxproj b/Library/GraphLib/GraphLib.vcxproj
new file mode 100644
index 0000000..19dcb5c
--- /dev/null
+++ b/Library/GraphLib/GraphLib.vcxproj
@@ -0,0 +1,98 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {C1457B4D-77E5-4E9E-A210-D624782B7714}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ GraphLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+ GraphLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/GraphLib/GraphLib.vcxproj.filters b/Library/GraphLib/GraphLib.vcxproj.filters
new file mode 100644
index 0000000..901ec11
--- /dev/null
+++ b/Library/GraphLib/GraphLib.vcxproj.filters
@@ -0,0 +1,35 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/Library/GraphLib/GraphLib.vcxproj.user b/Library/GraphLib/GraphLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/GraphLib/GraphLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/PasswordLib/ConsolePassword.c b/Library/PasswordLib/ConsolePassword.c
index 8588a19..a7ad86e 100644
--- a/Library/PasswordLib/ConsolePassword.c
+++ b/Library/PasswordLib/ConsolePassword.c
@@ -3,6 +3,7 @@ Ask password from console
Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+Copyright (c) 2019. DiskCryptor, David Xanatos
This program and the accompanying materials
are licensed and made available under the terms and conditions
@@ -20,17 +21,22 @@ The full text of the license may be found at
VOID
AskConsolePwdInt(
OUT UINT32 *length,
- OUT CHAR8 *asciiLine,
+ OUT VOID *asciiLine,
OUT INT32 *retCode,
- IN UINTN line_max,
- IN UINT8 show
+ IN UINTN length_max,
+ IN UINT8 show,
+ IN BOOLEAN wide
)
{
EFI_INPUT_KEY key;
UINT32 count = 0;
UINTN i;
-
- if ((asciiLine != NULL) && (line_max >= 1)) asciiLine[0] = '\0';
+ UINTN line_max = length_max;
+ if (wide)
+ line_max /= 2;
+
+ if ((asciiLine != NULL) && (line_max >= 1))
+ SET_VAR_CHAR(asciiLine, wide, 0, '\0'); //asciiLine[0] = '\0';
gST->ConOut->EnableCursor(gST->ConOut, TRUE);
if (gPasswordTimeout) {
@@ -63,6 +69,13 @@ AskConsolePwdInt(
break;
}
+ if (key.ScanCode == SCAN_F3) {
+ *retCode = AskPwdForcePass;
+ break;
+ }
+
+ // SCAN_F4
+
if (key.ScanCode == SCAN_F5) {
show = show ? 0 : 1;
if (count > 0) {
@@ -70,7 +83,10 @@ AskConsolePwdInt(
for (i = 0; i < count; i++) {
OUT_PRINT(L"\b");
}
- OUT_PRINT(L"%a", asciiLine);
+ if (wide)
+ OUT_PRINT(L"%s", asciiLine);
+ else
+ OUT_PRINT(L"%a", asciiLine);
}
else {
for (i = 0; i < count; i++) {
@@ -85,6 +101,8 @@ AskConsolePwdInt(
}
}
+ // SCAN_F6
+
if (key.ScanCode == SCAN_F7) {
gPlatformLocked = gPlatformLocked ? 0 : 1;
ConsoleShowTip(gPlatformLocked ? L" Platform locked!" : L" Platform unlocked!", 10000000);
@@ -100,6 +118,10 @@ AskConsolePwdInt(
ConsoleShowTip(gSCLocked ? L" Smart card locked!" : L" Smart card unlocked!", 10000000);
}
+ // SCAN_F10
+ // SCAN_F11
+ // SCAN_F12
+
if (key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
*retCode = AskPwdRetLogin;
break;
@@ -121,7 +143,8 @@ AskConsolePwdInt(
if (gPasswordProgress || show) {
OUT_PRINT(L"\b \b");
}
- if (asciiLine != NULL) asciiLine[--count] = '\0';
+ if (asciiLine != NULL)
+ SET_VAR_CHAR(asciiLine, wide, --count, '\0'); //asciiLine[--count] = '\0';
continue;
}
@@ -134,17 +157,21 @@ AskConsolePwdInt(
}
// save char
if (asciiLine != NULL) {
- asciiLine[count++] = (CHAR8)key.UnicodeChar;
- asciiLine[count] = 0;
+ SET_VAR_CHAR(asciiLine, wide, count++, (CHAR8)key.UnicodeChar); //asciiLine[count++] = (CHAR8)key.UnicodeChar;
+ SET_VAR_CHAR(asciiLine, wide, count, '\0'); //asciiLine[count] = 0;
}
}
} while (key.UnicodeChar != CHAR_CARRIAGE_RETURN);
- if (length != NULL) *length = count;
+ if (length != NULL) {
+ *length = count;
+ if (wide)
+ *length *= 2;
+ }
MEM_BURN (&key, sizeof (key));
// Set end of line
if (asciiLine != NULL) {
- asciiLine[count] = '\0';
+ SET_VAR_CHAR(asciiLine, wide, count, '\0'); //asciiLine[count] = '\0';
if (gPasswordProgress || show) {
for (i = 0; i < count; i++) {
OUT_PRINT(L"\b \b");
diff --git a/Library/PasswordLib/PasswordLib.vcxproj b/Library/PasswordLib/PasswordLib.vcxproj
new file mode 100644
index 0000000..036c7ab
--- /dev/null
+++ b/Library/PasswordLib/PasswordLib.vcxproj
@@ -0,0 +1,99 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {86D93E8C-EA86-44BF-B3FC-8AE5EA509C60}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ PasswordLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ PasswordLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/PasswordLib/PasswordLib.vcxproj.filters b/Library/PasswordLib/PasswordLib.vcxproj.filters
new file mode 100644
index 0000000..ff0bd48
--- /dev/null
+++ b/Library/PasswordLib/PasswordLib.vcxproj.filters
@@ -0,0 +1,38 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Resource Files
+
+
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/Library/PasswordLib/PasswordLib.vcxproj.user b/Library/PasswordLib/PasswordLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/PasswordLib/PasswordLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/Library/PasswordLib/PicturePassword.c b/Library/PasswordLib/PicturePassword.c
index aef71ab..41dc924 100644
--- a/Library/PasswordLib/PicturePassword.c
+++ b/Library/PasswordLib/PicturePassword.c
@@ -24,12 +24,13 @@ The full text of the license may be found at
CHAR16* gPasswordPictureFileName = NULL;
CHAR8* gPasswordPictureChars = NULL;
-CHAR8* gPasswordPictureCharsDefault = "MN/[aQ-eyPr}GT: |V^UqiI_gbdA9YwZ%f8t6S@D\"7uXl\\30R#+zH*,W4J?=&BLFv]hx~E;$<.o'sp1`(>C)O{!5j2nmkcK";
-//CHAR8* gPicturePasswordCharsDefault = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
-UINTN gPasswordPictureCharsLen = 95;
+//CHAR8* gPasswordPictureCharsDefault = "MN/[aQ-eyPr}GT: |V^UqiI_gbdA9YwZ%f8t6S@D\"7uXl\\30R#+zH*,W4J?=&BLFv]hx~E;$<.o'sp1`(>C)O{!5j2nmkcK";
+CHAR8* gPasswordPictureCharsDefault = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\b";
+UINTN gPasswordPictureCharsLen = 96;
UINT8 gPasswordVisible = 0;
-int gPasswordShowMark = 1;
+int gPasswordHideLetters = 1;
+int gPasswordShowMark = 0;
UINT8 gPasswordProgress = 1;
int gPasswordTimeout = 0;
@@ -65,16 +66,16 @@ CellUpdate(
IN UINTN x,
IN UINTN y,
IN BOOLEAN selected) {
- if (selected && gPasswordShowMark) {
+ if (selected && gPasswordShowMark && gPasswordHideLetters) {
BltCircle(blt, &ctxMark, (INT32)(x * step + step / 2), (INT32)(y * step + step / 2), (INT32)(step / 3), TRUE);
BltCircle(blt, &ctxCell, (INT32)(x * step + step / 2), (INT32)(y * step + step / 2), (INT32)(step / 9), TRUE);
}
else {
CHAR8 ch[2] = { 0,0 };
BltCircle(blt, &ctxCell, (INT32)(x * step + step / 2), (INT32)(y * step + step / 2), (INT32)(step / 3), FALSE);
- if (gPasswordVisible) {
+ if (gPasswordVisible || !gPasswordHideLetters) {
ch[0] = gPasswordPictureChars[(x + blt->Width / step * y) % gPasswordPictureCharsLen];
- BltText(blt, &ctxCell, (INT32)(x * step + step / 2 - 12), (INT32)(y * step + step / 2 - 12), 256, ch);
+ BltText(blt, &ctxCell, (INT32)(x * step + step / 2 - 12), (INT32)(y * step + step / 2 - 12), 256, ch, FALSE);
}
}
}
@@ -151,7 +152,7 @@ DrawTouchZone(
) {
BltFill(bltScrn, gColorBlack, (INT32)(sWidth - step), (INT32)(2 + zone->Zone * step), (INT32)(INT32)(sWidth - 2), (INT32)(step + zone->Zone * step));
BltBox(bltScrn, &ctxCell, (INT32)(sWidth - step), (INT32)(2 + zone->Zone * step), (INT32)(INT32)(sWidth - 2), (INT32)(step + zone->Zone * step));
- BltText(bltScrn, &ctxCell, (INT32)(sWidth - step * 3 / 4), (INT32)(step * 1 / 3 + zone->Zone * step), 128, zone->Message);
+ BltText(bltScrn, &ctxCell, (INT32)(sWidth - step * 3 / 4), (INT32)(step * 1 / 3 + zone->Zone * step), 128, zone->Message, FALSE);
}
BOOLEAN
@@ -171,13 +172,14 @@ IsTouchZone(
VOID
DrawPwdZone(
IN CHAR8* pwd,
- IN UINT32 pwdMax)
+ IN UINT32 pwdMax,
+ IN BOOLEAN wide)
{
INT32 pwdGrphMaxLen = (INT32)(sWidth - 2 * step);
BltFill(bltScrn, gColorBlack, 0, 0, (INT32)(sWidth - 2 * step), (INT32)(posPictY));
if (gPasswordProgress || gPasswordVisible) {
if (gPasswordVisible) {
- BltText(bltScrn, &ctxCell, 0, 0, 256, pwd);
+ BltText(bltScrn, &ctxCell, 0, 0, 256, pwd, wide);
}
else {
INT32 pwdGrphLen = (INT32)(pwdGrphMaxLen * picPwdIdx / pwdMax);
@@ -263,9 +265,10 @@ VOID
AskPictPwdInt(
IN UINTN pwdType,
IN UINTN pwdMax,
- OUT CHAR8* pwd,
+ OUT VOID* pwd,
OUT UINT32* pwdLen,
- OUT INT32* retCode
+ OUT INT32* retCode,
+ IN BOOLEAN wide
) {
EFI_STATUS res;
UINTN cellX, cellY;
@@ -283,6 +286,8 @@ AskPictPwdInt(
BOOLEAN beepOn = FALSE;
UINTN pwdAction = PwdActNone;
CHAR8 pwdNewChar = 0;
+ if (wide)
+ pwdMax /= 2;
if (gPasswordTimeout) {
InputEvents[0] = gST->ConIn->WaitForKey;
@@ -598,16 +603,18 @@ AskPictPwdInt(
BOOLEAN bUpdPwdZone = FALSE;
if (pwdNewChar == '\b' && picPwdIdx > 0) {
picPwdIdx--;
- pwd[picPwdIdx] = 0;
+ SET_VAR_CHAR(pwd, wide, picPwdIdx, 0); //pwd[picPwdIdx] = 0;
bUpdPwdZone = TRUE;
} else if ((picPwdIdx < pwdMax - 1) && (pwdNewChar >= 32)) {
- pwd[picPwdIdx++] = pwdNewChar;
- pwd[picPwdIdx] = 0;
+ SET_VAR_CHAR(pwd, wide, picPwdIdx++, pwdNewChar); //pwd[picPwdIdx++] = pwdNewChar;
+ SET_VAR_CHAR(pwd, wide, picPwdIdx, 0); //pwd[picPwdIdx] = 0;
bUpdPwdZone = TRUE;
}
if(bUpdPwdZone) {
*pwdLen = (int)picPwdIdx;
- DrawPwdZone(pwd, (INT32)pwdMax);
+ if (wide)
+ *pwdLen *= 2;
+ DrawPwdZone(pwd, (INT32)pwdMax, wide);
if (gBeepControlEnabled && gBeepEnabled) {
SpeakerBeep((UINT16)gBeepToneDefault, gBeepNumberDefault, 0, 0);
gBS->SetTimer(BeepOffEvent, TimerRelative, gBeepDurationDefault * 10);
@@ -627,7 +634,7 @@ AskPictPwdInt(
}
else if (PwdActShow == pwdAction) {
gPasswordVisible = gPasswordVisible ? 0 : 1;
- DrawPwdZone(pwd, (INT32)pwdMax);
+ DrawPwdZone(pwd, (INT32)pwdMax, wide);
DrawPwdPicture();
BltDrawBlt(bltScrn, bltPwd, posPictX, posPictY);
TZN_Show.Message = gPasswordVisible ? msgHidePwd : msgShowPwd;
diff --git a/Library/VeraCryptLib/DcsConfig.c b/Library/VeraCryptLib/DcsConfig.c
deleted file mode 100644
index e29e767..0000000
--- a/Library/VeraCryptLib/DcsConfig.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/** @file
-Interface for DCS
-
-Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
-Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
-
-This program and the accompanying materials
-are licensed and made available under the terms and conditions
-of the Apache License, Version 2.0.
-
-The full text of the license may be found at
-https://opensource.org/licenses/Apache-2.0
-**/
-
-#include
-#include
-
-#include
-#include "common/Xml.h"
-
-//////////////////////////////////////////////////////////////////////////
-// Config
-//////////////////////////////////////////////////////////////////////////
-char *gConfigBuffer = NULL;
-UINTN gConfigBufferSize = 0;
-char *gConfigBufferUpdated = NULL;
-UINTN gConfigBufferUpdatedSize = 0;
-
-BOOLEAN
-ConfigRead(char *configKey, char *configValue, int maxValueSize)
-{
- char *xml;
-
- if (gConfigBuffer == NULL) {
- if (FileLoad(NULL, L"\\EFI\\VeraCrypt\\DcsProp", &gConfigBuffer, &gConfigBufferSize) != EFI_SUCCESS) {
- return FALSE;
- }
- }
-
- xml = gConfigBufferUpdated != NULL? gConfigBufferUpdated : gConfigBuffer;
- if (xml != NULL)
- {
- xml = XmlFindElementByAttributeValue(xml, "config", "key", configKey);
- if (xml != NULL)
- {
- XmlGetNodeText(xml, configValue, maxValueSize);
- return TRUE;
- }
- }
-
- return FALSE;
-}
-
-int ConfigReadInt(char *configKey, int defaultValue)
-{
- char s[32];
- if (ConfigRead(configKey, s, sizeof(s))) {
- if (*s == '-') {
- return (-1) * (int)AsciiStrDecimalToUintn(&s[1]);
- }
- return (int)AsciiStrDecimalToUintn(s);
- }
- else
- return defaultValue;
-}
-
-
-char *ConfigReadString(char *configKey, char *defaultValue, char *str, int maxLen)
-{
- if (!ConfigRead(configKey, str, maxLen)) {
- AsciiStrCpyS(str, maxLen, defaultValue);
- }
- return str;
-}
diff --git a/Library/VeraCryptLib/DcsConfig.h b/Library/VeraCryptLib/DcsConfig.h
deleted file mode 100644
index cc803ce..0000000
--- a/Library/VeraCryptLib/DcsConfig.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/** @file
-Interface for DCS services
-
-Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
-Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
-
-This program and the accompanying materials
-are licensed and made available under the terms and conditions
-of the Apache License, Version 2.0.
-
-The full text of the license may be found at
-https://opensource.org/licenses/Apache-2.0
-**/
-
-#ifndef __DCSCONFIG_H__
-#define __DCSCONFIG_H__
-
-#include
-
-//////////////////////////////////////////////////////////////////////////
-// Config
-//////////////////////////////////////////////////////////////////////////
-extern char *gConfigBuffer;
-extern UINTN gConfigBufferSize;
-extern char *gConfigBufferUpdated;
-extern UINTN gConfigBufferUpdatedSize;
-
-BOOLEAN ConfigRead(char *configKey, char *configValue, int maxValueSize);
-int ConfigReadInt(char *configKey, int defaultValue);
-char *ConfigReadString(char *configKey, char *defaultValue, char *str, int maxLen);
-#endif
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c
index b99ed0b..d5b7a9c 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.c
+++ b/Library/VeraCryptLib/DcsVeraCrypt.c
@@ -29,8 +29,6 @@ The full text of the license may be found at
#include "Library/DcsTpmLib.h"
#include
-
-
///////////////////////////////////////////////////////////////////////////
// Globals
//////////////////////////////////////////////////////////////////////////
@@ -78,18 +76,12 @@ char* gForcePasswordMsg = NULL;
int gForcePasswordType = 0;
UINT8 gForcePasswordProgress = 1;
-CHAR8* gOnExitFailed = NULL;
-CHAR8* gOnExitSuccess = NULL;
-CHAR8* gOnExitNotFound = NULL;
-CHAR8* gOnExitTimeout = NULL;
-CHAR8* gOnExitCancelled = NULL;
-
//////////////////////////////////////////////////////////////////////////
// Authorize
/////////////////////////////////////////////////////////////////////////
#define VCCONFIG_ALLOC(data, size) \
- if(data == NULL) MEM_FREE(data); \
+ if(data != NULL) MEM_FREE(data); \
data = MEM_ALLOC(size);
VOID
@@ -102,11 +94,8 @@ VCAuthLoadConfig()
SetMem(&gAuthPassword, sizeof(gAuthPassword), 0);
- strTemp = MEM_ALLOC(MAX_MSG);
VCCONFIG_ALLOC(gPasswordPictureFileName, MAX_MSG * 2);
- ConfigReadString("PasswordPicture", "\\EFI\\VeraCrypt\\login.bmp", strTemp, MAX_MSG);
- AsciiStrToUnicodeStr(strTemp, gPasswordPictureFileName);
- MEM_FREE(strTemp);
+ ConfigReadStringW("PasswordPicture", L"\\EFI\\" DCS_DIRECTORY L"\\login.bmp", gPasswordPictureFileName, MAX_MSG);
VCCONFIG_ALLOC(gPasswordPictureChars, MAX_MSG);
ConfigReadString("PictureChars", gPasswordPictureCharsDefault, gPasswordPictureChars, MAX_MSG);
@@ -114,6 +103,8 @@ VCAuthLoadConfig()
gAuthPasswordType = ConfigReadInt("PasswordType", 0);
+ gKeyboardLayout = ConfigReadInt("KeyboardLayout", 0);
+
VCCONFIG_ALLOC(gAuthPasswordMsg, MAX_MSG);
ConfigReadString("PasswordMsg", "Password:", gAuthPasswordMsg, MAX_MSG);
@@ -148,6 +139,7 @@ VCAuthLoadConfig()
gPasswordProgress = (UINT8)ConfigReadInt("AuthorizeProgress", 1); // print "*"
gPasswordVisible = (UINT8)ConfigReadInt("AuthorizeVisible", 0); // show chars
+ gPasswordHideLetters = ConfigReadInt("PasswordHideLetters", 1); // always show letters in touch points
gPasswordShowMark = ConfigReadInt("AuthorizeMarkTouch", 1); // show touch points
gPasswordTimeout = (UINT8)ConfigReadInt("PasswordTimeout", 180); // If no password for =>
@@ -176,18 +168,6 @@ VCAuthLoadConfig()
gTPMLockedInfoDelay = ConfigReadInt("TPMLockedInfoDelay", 9);
gSCLocked = ConfigReadInt("SCLocked", 0);
- // Actions for DcsInt
- VCCONFIG_ALLOC(gOnExitSuccess, MAX_MSG);
- ConfigReadString("ActionSuccess", "Exit", gOnExitSuccess, MAX_MSG);
- VCCONFIG_ALLOC(gOnExitNotFound, MAX_MSG);
- ConfigReadString("ActionNotFound", "Exit", gOnExitNotFound, MAX_MSG);
- VCCONFIG_ALLOC(gOnExitFailed, MAX_MSG);
- ConfigReadString("ActionFailed", "Exit", gOnExitFailed, MAX_MSG);
- VCCONFIG_ALLOC(gOnExitTimeout, MAX_MSG);
- ConfigReadString("ActionTimeout", "Shutdown", gOnExitTimeout, MAX_MSG);
- VCCONFIG_ALLOC(gOnExitCancelled, MAX_MSG);
- ConfigReadString("ActionCancelled", "Exit", gOnExitCancelled, MAX_MSG);
-
strTemp = MEM_ALLOC(MAX_MSG);
ConfigReadString("PartitionGuidOS", "", strTemp, MAX_MSG);
if (strTemp[0] != 0) {
@@ -200,53 +180,6 @@ VCAuthLoadConfig()
}
}
MEM_FREE(strTemp);
-
- // touch
- tmp = ConfigReadInt("TouchDevice", -1);
- if (tmp == -1) InitTouch();
- if (tmp >= 0) {
- if (gTouchCount == 0) InitTouch();
- if (tmp < (int)gTouchCount) {
- TouchGetIO(gTouchHandles[tmp], &gTouchPointer);
- }
- }
- gTouchSimulate = ConfigReadInt("TouchSimulate", 0);
-
- // Graph
- tmp = ConfigReadInt("GraphDevice", -1);
- if (tmp == -1) InitGraph();
- if (tmp >= 0) {
- if (gGraphCount == 0) InitGraph();
- if (tmp < (int)gGraphCount) {
- GraphGetIO(gGraphHandles[tmp], &gGraphOut);
- }
- }
- if (gGraphOut != NULL) {
- tmp = ConfigReadInt("GraphMode", -1);
- if (tmp >= 0 && tmp <= (int)gGraphOut->Mode->MaxMode) {
- gGraphOut->SetMode(gGraphOut, tmp);
- }
- }
-
- // Beep
- gBeepEnabled = ConfigReadInt("Beep", 0);
- if (gBeepEnabled) {
- gBeepNumberDefault = ConfigReadInt("BeepNumber", 1);
- gBeepDurationDefault = ConfigReadInt("BeepDuration", 100);
- gBeepIntervalDefault = ConfigReadInt("BeepInterval", 0);
- gBeepToneDefault = ConfigReadInt("BeepTone", 0x500);
- gBeepControlEnabled = ConfigReadInt("BeepControl", 1) != 0;
-
- tmp = ConfigReadInt("BeepDevice", -1);
- if (tmp == -1) InitSpeaker();
- if (tmp >= 0) {
- if (gSpeakerCount == 0) InitSpeaker();
- if (tmp < (int)gSpeakerCount) {
- SpeakerSelect(tmp);
- }
- }
- }
-
}
//////////////////////////////////////////////////////////////////////////
@@ -343,7 +276,7 @@ VCAskPwd(
if (gAuthPasswordType == 1 &&
gGraphOut != NULL &&
((gTouchPointer != NULL) || (gTouchSimulate != 0))) {
- AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode);
+ AskPictPwdInt(pwdType, sizeof(vcPwd->Text), vcPwd->Text, &vcPwd->Length, &gAuthPwdCode, FALSE);
}
else {
switch (pwdType) {
@@ -358,7 +291,7 @@ VCAskPwd(
OUT_PRINT(L"%a", gAuthPasswordMsg);
break;
}
- AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible);
+ AskConsolePwdInt(&vcPwd->Length, vcPwd->Text, &gAuthPwdCode, sizeof(vcPwd->Text), gPasswordVisible, FALSE);
}
if ((gAuthPwdCode == AskPwdRetCancel) || (gAuthPwdCode == AskPwdRetTimeout)) {
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.h b/Library/VeraCryptLib/DcsVeraCrypt.h
index 1f25ae9..42506f0 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.h
+++ b/Library/VeraCryptLib/DcsVeraCrypt.h
@@ -55,11 +55,6 @@ extern INT32 gRUD;
extern int gAuthSecRegionSearch;
extern int gSecRegionInfoDelay;
-extern int gPlatformLocked;
-extern int gTPMLocked;
-extern int gTPMLockedInfoDelay;
-extern int gSCLocked;
-
extern int gAuthPwdCode;
extern CHAR8* gPlatformKeyFile;
@@ -71,12 +66,6 @@ extern char* gForcePasswordMsg;
extern int gForcePasswordType;
extern UINT8 gForcePasswordProgress;
-extern CHAR8* gOnExitFailed;
-extern CHAR8* gOnExitSuccess;
-extern CHAR8* gOnExitNotFound;
-extern CHAR8* gOnExitTimeout;
-extern CHAR8* gOnExitCancelled;
-
void
VCAuthAsk();
diff --git a/Library/VeraCryptLib/DcsVeraCryptImpl.c b/Library/VeraCryptLib/DcsVeraCryptImpl.c
new file mode 100644
index 0000000..06e0342
--- /dev/null
+++ b/Library/VeraCryptLib/DcsVeraCryptImpl.c
@@ -0,0 +1,854 @@
+/** @file
+Block R/W interceptor
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+
+#include "DcsVeraCrypt.h"
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "common/Tcdefs.h"
+#include "common/Crypto.h"
+#include "common/Volumes.h"
+#include "common/Crc.h"
+#include "crypto/cpu.h"
+#include "BootCommon.h"
+#include "DcsConfig.h"
+#include
+
+EFI_DEVICE_PATH* gDcsBoot;
+//UINTN gDcsBootSize;
+
+#pragma pack(1)
+typedef struct _BOOT_PARAMS {
+ CHAR8 Offset[TC_BOOT_LOADER_ARGS_OFFSET];
+ BootArguments BootArgs;
+ BOOT_CRYPTO_HEADER BootCryptoInfo;
+ uint16 pad1;
+ SECREGION_BOOT_PARAMS SecRegion;
+} BOOT_PARAMS, *PBOOT_PARAMS;
+#pragma pack()
+
+UINT32 gHeaderSaltCrc32 = 0;
+PBOOT_PARAMS bootParams = NULL;
+// #define EFI_BOOTARGS_REGIONS_TEST ,0x9000000, 0xA000000
+#define EFI_BOOTARGS_REGIONS_TEST
+UINTN BootArgsRegions[] = { EFI_BOOTARGS_REGIONS_HIGH, EFI_BOOTARGS_REGIONS_LOW EFI_BOOTARGS_REGIONS_TEST };
+
+CHAR8 Header[512];
+UINT32 BootDriveSignature = 0;
+EFI_GUID BootDriveSignatureGpt;
+
+EFI_HANDLE SecRegionHandle = NULL;
+UINT64 SecRegionSector = 0;
+UINT8* SecRegionData = NULL;
+UINTN SecRegionSize = 0;
+UINTN SecRegionOffset = 0;
+PCRYPTO_INFO SecRegionCryptInfo = NULL;
+
+VOID
+CleanSensitiveDataVC(BOOLEAN panic)
+{
+ if (SecRegionCryptInfo != NULL) {
+ MEM_BURN(SecRegionCryptInfo, sizeof(*SecRegionCryptInfo));
+ }
+
+ if (gRnd != NULL) {
+ MEM_BURN(gRnd, sizeof(*gRnd));
+ }
+
+ if (SecRegionData != NULL) {
+ MEM_BURN(SecRegionData, SecRegionSize);
+ }
+
+ if (gAutoPassword != NULL) {
+ MEM_BURN(gAutoPassword, MAX_PASSWORD);
+ }
+
+ if (panic && bootParams != NULL) {
+ MEM_BURN(bootParams, sizeof(*bootParams));
+ }
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Boot params memory
+//////////////////////////////////////////////////////////////////////////
+
+EFI_STATUS
+GetBootParamsMemory() {
+ EFI_STATUS status = 0;
+ UINTN index;
+ if (bootParams != NULL) return EFI_SUCCESS;
+ for (index = 0; index < sizeof(BootArgsRegions) / sizeof(BootArgsRegions[1]); ++index) {
+ status = PrepareMemory(BootArgsRegions[index], sizeof(*bootParams), &bootParams);
+ if (!EFI_ERROR(status)) {
+ return status;
+ }
+ }
+ return status;
+}
+
+EFI_STATUS
+SetSecRegionParamsMemory() {
+ EFI_STATUS status = 0;
+ UINTN index;
+ UINT8* secRegion = NULL;
+ UINT32 crc;
+ if (bootParams == NULL) return EFI_NOT_READY;
+
+ bootParams->SecRegion.Ptr = 0;
+ bootParams->SecRegion.Size = 0;
+
+ if (DeList != NULL) {
+ for (index = 0; index < sizeof(BootArgsRegions) / sizeof(BootArgsRegions[1]); ++index) {
+ status = PrepareMemory(BootArgsRegions[index], DeList->DataSize, &secRegion);
+ if (!EFI_ERROR(status)) {
+// OUT_PRINT(L"bootParams %08x SecRegion %08x\n", (UINTN)bootParams, (UINTN)secRegion);
+ CopyMem(secRegion, SecRegionData + SecRegionOffset, DeList->DataSize);
+ bootParams->SecRegion.Ptr = (UINT64)secRegion;
+ bootParams->SecRegion.Size = DeList->DataSize;
+ break;
+ }
+ }
+ }
+
+ status = gBS->CalculateCrc32(&bootParams->SecRegion, sizeof(SECREGION_BOOT_PARAMS) - 4, &crc);
+ bootParams->SecRegion.Crc = crc;
+ return status;
+}
+
+EFI_STATUS
+PrepareBootParams(
+ IN UINT32 bootDriveSignature,
+ IN PCRYPTO_INFO cryptoInfo)
+{
+ BootArguments *bootArgs;
+ EFI_STATUS status;
+ if (bootParams == NULL) status = EFI_UNSUPPORTED;
+ else {
+ bootArgs = &bootParams->BootArgs;
+ TC_SET_BOOT_ARGUMENTS_SIGNATURE(bootArgs->Signature);
+ bootArgs->BootLoaderVersion = VERSION_NUM;
+ bootArgs->CryptoInfoOffset = (uint16)(FIELD_OFFSET(BOOT_PARAMS, BootCryptoInfo));
+ bootArgs->CryptoInfoLength = (uint16)(sizeof(BOOT_CRYPTO_HEADER) + 2 + sizeof(SECREGION_BOOT_PARAMS));
+ bootArgs->HeaderSaltCrc32 = gHeaderSaltCrc32;
+ CopyMem(&bootArgs->BootPassword, &gAuthPassword, sizeof(gAuthPassword));
+ bootArgs->HiddenSystemPartitionStart = 0;
+ bootArgs->DecoySystemPartitionStart = 0;
+ bootArgs->BootDriveSignature = bootDriveSignature;
+ bootArgs->Flags = (uint32)(gAuthPim << 16);
+ bootArgs->BootArgumentsCrc32 = GetCrc32((byte *)bootArgs, (int)((byte *)&bootArgs->BootArgumentsCrc32 - (byte *)bootArgs));
+ if(cryptoInfo != NULL) bootParams->BootCryptoInfo.ea = (uint16)cryptoInfo->ea;
+ if(cryptoInfo != NULL) bootParams->BootCryptoInfo.mode = (uint16)cryptoInfo->mode;
+ if(cryptoInfo != NULL) bootParams->BootCryptoInfo.pkcs5 = (uint16)cryptoInfo->pkcs5;
+ SetSecRegionParamsMemory();
+ status = EFI_SUCCESS;
+ }
+
+ // Clean auth data
+ MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
+ MEM_BURN(&gAuthPim, sizeof(gAuthPim));
+
+ return status;
+}
+
+void GetIntersection(IN uint64 start1, IN uint32 length1, IN uint64 start2, IN uint64 end2, OUT uint64 *intersectStart, OUT uint32 *intersectLength)
+{
+ uint64 end1 = start1 + length1 - 1;
+ uint64 intersectEnd = (end1 <= end2) ? end1 : end2;
+
+ *intersectStart = (start1 >= start2) ? start1 : start2;
+ *intersectLength = (uint32)((*intersectStart > intersectEnd) ? 0 : intersectEnd + 1 - *intersectStart);
+
+ if (*intersectLength == 0)
+ *intersectStart = start1;
+}
+
+VOID UpdateDataBuffer(
+ IN OUT UINT8* buf,
+ IN UINT32 bufSize,
+ IN UINT64 sector
+ ) {
+ UINT64 intersectStart;
+ UINT32 intersectLength;
+ UINTN i;
+ if (DeList == NULL) return;
+ for (i = 0; i < DeList->Count; ++i) {
+ if (DeList->DE[i].Type == DE_Sectors) {
+ GetIntersection(
+ sector << 9, bufSize,
+ DeList->DE[i].Sectors.Start, DeList->DE[i].Sectors.Start + DeList->DE[i].Sectors.Length - 1,
+ &intersectStart, &intersectLength
+ );
+ if (intersectLength != 0) {
+// OUT_PRINT(L"S %d : %lld, %d\n", i, intersectStart, intersectLength);
+// OUT_PRINT(L"S");
+ CopyMem(
+ buf + (intersectStart - (sector << 9)),
+ SecRegionData + SecRegionOffset + DeList->DE[i].Sectors.Offset + (intersectStart - (sector << 9)),
+ intersectLength
+ );
+ }
+ }
+ }
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Read/Write
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+VCBlockIO_Write(
+ IN EFI_BLOCK_IO_PROTOCOL *This,
+ IN UINT32 MediaId,
+ IN EFI_LBA Lba,
+ IN UINTN BufferSize,
+ IN VOID *Buffer
+ )
+{
+ DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
+ CRYPTO_INFO *CryptInfo = NULL;
+ EFI_STATUS Status = EFI_SUCCESS;
+ EFI_LBA startSector;
+ DcsIntBlockIo = GetBlockIoByProtocol(This);
+ if (DcsIntBlockIo) {
+ CryptInfo = ((CRYPTO_INFO*)DcsIntBlockIo->FilterParams);
+ if (CryptInfo)
+ {
+ startSector = Lba;
+ startSector += gAuthBoot ? 0 : CryptInfo->EncryptedAreaStart.Value >> 9;
+ //Print(L"This[0x%x] mid %x Write: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
+ if ((startSector >= CryptInfo->EncryptedAreaStart.Value >> 9) &&
+ (startSector < ((CryptInfo->EncryptedAreaStart.Value + CryptInfo->EncryptedAreaLength.Value) >> 9))) {
+ VOID* writeCrypted;
+ writeCrypted = MEM_ALLOC(BufferSize);
+ if (writeCrypted == NULL) {
+ Status = EFI_BAD_BUFFER_SIZE;
+ return Status;
+ }
+ CopyMem(writeCrypted, Buffer, BufferSize);
+ // Print(L"*");
+ UpdateDataBuffer(writeCrypted, (UINT32)BufferSize, startSector);
+ EncryptDataUnits(writeCrypted, (UINT64_STRUCT*)&startSector, (UINT32)(BufferSize >> 9), CryptInfo);
+ Status = DcsIntBlockIo->LowWrite(This, MediaId, startSector, BufferSize, writeCrypted);
+ MEM_FREE(writeCrypted);
+ }
+ else {
+ Status = DcsIntBlockIo->LowWrite(This, MediaId, startSector, BufferSize, Buffer);
+ }
+ }
+ else {
+ Print(L"*");
+ Status = DcsIntBlockIo->LowWrite(This, MediaId, Lba, BufferSize, Buffer);
+ }
+ }
+ else {
+ Status = EFI_BAD_BUFFER_SIZE;
+ }
+ return Status;
+}
+
+EFI_STATUS
+VCBlockIO_Read(
+ IN EFI_BLOCK_IO_PROTOCOL *This,
+ IN UINT32 MediaId,
+ IN EFI_LBA Lba,
+ IN UINTN BufferSize,
+ OUT VOID *Buffer
+ )
+{
+ DCSINT_BLOCK_IO *DcsIntBlockIo = NULL;
+ CRYPTO_INFO *CryptInfo = NULL;
+ EFI_STATUS Status = EFI_SUCCESS;
+ EFI_LBA startSector;
+ DcsIntBlockIo = GetBlockIoByProtocol(This);
+ if (DcsIntBlockIo) {
+ CryptInfo = ((CRYPTO_INFO*)DcsIntBlockIo->FilterParams);
+ if (CryptInfo)
+ {
+ startSector = Lba;
+ startSector += gAuthBoot ? 0 : CryptInfo->EncryptedAreaStart.Value >> 9;
+ Status = DcsIntBlockIo->LowRead(This, MediaId, startSector, BufferSize, Buffer);
+ //Print(L"This[0x%x] mid %x ReadBlock: lba=%lld, size=%d %r\n", This, MediaId, Lba, BufferSize, Status);
+ if ((startSector >= CryptInfo->EncryptedAreaStart.Value >> 9) &&
+ (startSector < ((CryptInfo->EncryptedAreaStart.Value + CryptInfo->EncryptedAreaLength.Value) >> 9))) {
+ // Print(L".");
+ DecryptDataUnits(Buffer, (UINT64_STRUCT*)&startSector, (UINT32)(BufferSize >> 9), CryptInfo);
+ }
+ UpdateDataBuffer(Buffer, (UINT32)BufferSize, startSector);
+ }
+ else {
+ Print(L".");
+ Status = DcsIntBlockIo->LowRead(This, MediaId, Lba, BufferSize, Buffer);
+ }
+ }
+ else {
+ Status = EFI_BAD_BUFFER_SIZE;
+ }
+ return Status;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Security regions
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+SecRegionLoadDefault(EFI_HANDLE partHandle)
+{
+ EFI_STATUS res = EFI_SUCCESS;
+ HARDDRIVE_DEVICE_PATH dpVolme;
+ EFI_BLOCK_IO_PROTOCOL *bio = NULL;
+ EFI_PARTITION_TABLE_HEADER* gptHdr;
+
+ res = EfiGetPartDetails(partHandle, &dpVolme, &SecRegionHandle);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Part details: %r\n,", res);
+ return res;
+ }
+
+ // get BlockIo protocol
+ bio = EfiGetBlockIO(SecRegionHandle);
+ if (bio == NULL) {
+ ERR_PRINT(L"Block I/O not supported\n");
+ return EFI_NOT_FOUND;
+ }
+
+ if (bio->Media != NULL) {
+ if (bio->Media->BlockSize != 512) {
+ ERR_PRINT(L"Block size is %d. (not supported)\n", bio->Media->BlockSize);
+ return EFI_INVALID_PARAMETER;
+ }
+ }
+
+ SecRegionData = MEM_ALLOC(512);
+ if (SecRegionData == NULL) {
+ ERR_PRINT(L"No memory\n");
+ return EFI_BUFFER_TOO_SMALL;
+ }
+ SecRegionSize = 512;
+
+ res = bio->ReadBlocks(bio, bio->Media->MediaId, 0, 512, SecRegionData);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Read: %r\n", res);
+ goto error;
+ }
+
+ BootDriveSignature = *(uint32 *)(SecRegionData + 0x1b8);
+
+ res = bio->ReadBlocks(bio, bio->Media->MediaId, 1, 512, SecRegionData);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Read: %r\n", res);
+ goto error;
+ }
+
+ gptHdr = (EFI_PARTITION_TABLE_HEADER*)SecRegionData;
+ CopyMem(&BootDriveSignatureGpt, &gptHdr->DiskGUID, sizeof(BootDriveSignatureGpt));
+
+ res = bio->ReadBlocks(bio, bio->Media->MediaId, TC_BOOT_VOLUME_HEADER_SECTOR, 512, SecRegionData);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Read: %r\n", res);
+ goto error;
+ }
+
+ return EFI_SUCCESS;
+error:
+ MEM_FREE(SecRegionData);
+ SecRegionData = NULL;
+ SecRegionSize = 0;
+ return res;
+}
+
+EFI_STATUS
+SecRegionChangePwd() {
+ EFI_STATUS Status;
+ EFI_BLOCK_IO_PROTOCOL* bio = NULL;
+ PCRYPTO_INFO cryptoInfo, ci;
+ Password newPassword;
+ Password confirmPassword;
+ INT32 vcres;
+
+ Status = RndPreapare();
+ if (EFI_ERROR(Status)) {
+ ERR_PRINT(L"Rnd: %r\n", Status);
+ return Status;
+ }
+
+ do {
+ ZeroMem(&newPassword, sizeof(newPassword));
+ ZeroMem(&confirmPassword, sizeof(newPassword));
+ VCAskPwd(AskPwdNew, &newPassword);
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ return EFI_DCS_USER_CANCELED;
+ }
+ if (gAuthPwdCode == AskPwdRetTimeout) {
+ return EFI_DCS_USER_TIMEOUT;
+ }
+ VCAskPwd(AskPwdConfirm, &confirmPassword);
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ MEM_BURN(&newPassword, sizeof(newPassword));
+ return EFI_DCS_USER_CANCELED;
+ }
+ if (gAuthPwdCode == AskPwdRetTimeout) {
+ MEM_BURN(&newPassword, sizeof(newPassword));
+ return EFI_DCS_USER_TIMEOUT;
+ }
+ if (newPassword.Length == confirmPassword.Length) {
+ if (CompareMem(newPassword.Text, confirmPassword.Text, confirmPassword.Length) == 0) {
+ break;
+ }
+ }
+ ERR_PRINT(L"Password mismatch");
+ } while (TRUE);
+
+ OUT_PRINT(L"Generate...\n\r");
+ cryptoInfo = SecRegionCryptInfo;
+ vcres = CreateVolumeHeaderInMemory(
+ gAuthBoot, Header,
+ cryptoInfo->ea,
+ cryptoInfo->mode,
+ &newPassword,
+ cryptoInfo->pkcs5,
+ gAuthPim,
+ cryptoInfo->master_keydata,
+ &ci,
+ cryptoInfo->VolumeSize.Value,
+ 0, //(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,
+ cryptoInfo->EncryptedAreaStart.Value,
+ cryptoInfo->EncryptedAreaLength.Value,
+ gAuthTc ? 0 : cryptoInfo->RequiredProgramVersion,
+ cryptoInfo->HeaderFlags,
+ cryptoInfo->SectorSize,
+ FALSE);
+
+ if (vcres != 0) {
+ ERR_PRINT(L"header create error(%x)\n", vcres);
+ Status = EFI_INVALID_PARAMETER;
+ goto ret;
+ }
+
+ // get BlockIo protocol
+ bio = EfiGetBlockIO(SecRegionHandle);
+ if (bio == NULL) {
+ ERR_PRINT(L"Block io not supported\n,");
+ Status = EFI_NOT_FOUND;
+ goto ret;
+ }
+
+ Status = bio->WriteBlocks(bio, bio->Media->MediaId, SecRegionSector, 512, Header);
+ if (EFI_ERROR(Status)) {
+ ERR_PRINT(L"Write: %r\n", Status);
+ goto ret;
+ }
+ CopyMem(&gAuthPassword, &newPassword, sizeof(gAuthPassword));
+ CopyMem(SecRegionData + SecRegionOffset, Header, 512);
+
+ ERR_PRINT(L"Update (%r)\n", Status);
+ if (!EFI_ERROR(Status)) {
+ EFI_INPUT_KEY key;
+ key = KeyWait(L"Boot OS in %2d ('r' to reset) \r", 5, 0, 0);
+ if (key.UnicodeChar == 'r') {
+ MEM_BURN(&newPassword, sizeof(newPassword));
+ MEM_BURN(&confirmPassword, sizeof(confirmPassword));
+ CleanSensitiveDataVC(FALSE);
+ gST->RuntimeServices->ResetSystem(EfiResetCold, EFI_SUCCESS, 0, NULL);
+ }
+ }
+
+ret:
+ MEM_BURN(&newPassword, sizeof(newPassword));
+ MEM_BURN(&confirmPassword, sizeof(confirmPassword));
+ return Status;
+}
+
+EFI_STATUS
+SelectDcsBootBySignature()
+{
+ EFI_STATUS res = EFI_NOT_FOUND;
+ EFI_BLOCK_IO_PROTOCOL* bio = NULL;
+ EFI_PARTITION_TABLE_HEADER* gptHdr;
+ UINTN i;
+ for (i = 0; i < gBIOCount; ++i) {
+ if(EfiIsPartition(gBIOHandles[i])) continue;
+ bio = EfiGetBlockIO(gBIOHandles[i]);
+ if(bio == NULL) continue;
+ res = bio->ReadBlocks(bio, bio->Media->MediaId, 0, 512, Header);
+ if(EFI_ERROR(res)) continue;
+ if((*(UINT32*)(Header+0x1b8)) != BootDriveSignature) continue;
+ res = bio->ReadBlocks(bio, bio->Media->MediaId, 1, 512, Header);
+ if (EFI_ERROR(res)) continue;
+ gptHdr = (EFI_PARTITION_TABLE_HEADER*)Header;
+ if (CompareMem(&BootDriveSignatureGpt, &gptHdr->DiskGUID, sizeof(BootDriveSignatureGpt)) != 0) continue;
+ gDcsBoot = DevicePathFromHandle(gBIOHandles[i]);
+ //gDcsBootSize = GetDevicePathSize(gDcsBoot);
+ return EFI_SUCCESS;
+ }
+ return EFI_NOT_FOUND;
+}
+
+EFI_STATUS
+SecRegionTryDecrypt()
+{
+ int vcres = 1;
+ EFI_STATUS res = EFI_SUCCESS;
+ int retry = gAuthRetry;
+ PlatformGetID(SecRegionHandle, &gPlatformKeyFile, &gPlatformKeyFileSize);
+
+ do {
+ SecRegionOffset = 0;
+ VCAuthAsk();
+ if (gAuthPwdCode == AskPwdRetCancel) {
+ return EFI_DCS_USER_CANCELED;
+ }
+ if (gAuthPwdCode == AskPwdRetTimeout) {
+ return EFI_DCS_USER_TIMEOUT;
+ }
+ //if (gAuthPwdCode == AskPwdForcePass) {
+ // return 1;
+ //}
+
+ OUT_PRINT(L"%a", gAuthStartMsg);
+ do {
+ // EFI tables?
+ if (TablesVerify(SecRegionSize - SecRegionOffset, SecRegionData + SecRegionOffset)) {
+ EFI_TABLE_HEADER *mhdr = (EFI_TABLE_HEADER *)(SecRegionData + SecRegionOffset);
+ UINTN tblZones = (mhdr->HeaderSize + 1024 * 128 - 1) / (1024 * 128);
+ SecRegionOffset += tblZones * 1024 * 128;
+ vcres = 1;
+ continue;
+ }
+ // Try authorize zone
+ CopyMem(Header, SecRegionData + SecRegionOffset, 512);
+ vcres = ReadVolumeHeader(gAuthBoot, Header, &gAuthPassword, gAuthHash, gAuthPim, gAuthTc, &SecRegionCryptInfo, NULL);
+ SecRegionOffset += (vcres != 0) ? 1024 * 128 : 0;
+ } while (SecRegionOffset < SecRegionSize && vcres != 0);
+
+ if (vcres == 0) {
+ OUT_PRINT(L"Success\n");
+ OUT_PRINT(L"Start %d %lld len %lld\n", SecRegionOffset / (1024*128), SecRegionCryptInfo->EncryptedAreaStart.Value, SecRegionCryptInfo->EncryptedAreaLength.Value);
+ break;
+ } else {
+ ERR_PRINT(L"%a", gAuthErrorMsg);
+ // clear previous failed authentication information
+ MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
+ if (gAuthPimRqt)
+ MEM_BURN(&gAuthPim, sizeof(gAuthPim));
+ }
+ retry--;
+ } while (vcres != 0 && retry > 0);
+
+ if (vcres != 0) {
+ return EFI_CRC_ERROR;
+ }
+
+ SecRegionSector = 62 + SecRegionOffset / 512;
+
+ DeList = NULL;
+ if (SecRegionSize > 512) {
+ UINT64 startUnit = 0;
+ DecryptDataUnits(SecRegionData + SecRegionOffset + 512, (UINT64_STRUCT*)&startUnit,(UINT32)255, SecRegionCryptInfo);
+ if (CompareMem(SecRegionData + SecRegionOffset + 512, &gDcsDiskEntryListHeaderID, sizeof(gDcsDiskEntryListHeaderID)) != 0) {
+ ERR_PRINT(L"Wrong DCS list header");
+ return EFI_CRC_ERROR;
+ }
+ DeList = (DCS_DISK_ENTRY_LIST *)(SecRegionData + SecRegionOffset + 512);
+ CopyMem(&BootDriveSignature, &DeList->DE[DE_IDX_DISKID].DiskId.MbrID, sizeof(BootDriveSignature));
+ CopyMem(&BootDriveSignatureGpt, &DeList->DE[DE_IDX_DISKID].DiskId.GptID, sizeof(BootDriveSignatureGpt));
+
+ if (DeList->DE[DE_IDX_EXEC].Type == DE_ExecParams) {
+ DCS_DEP_EXEC *execParams = NULL;
+ execParams = (DCS_DEP_EXEC *)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_EXEC].Offset);
+ EfiSetVar(L"DcsExecPartGuid", NULL, &execParams->ExecPartGuid, sizeof(EFI_GUID), EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ EfiSetVar(L"DcsExecCmd", NULL, &execParams->ExecCmd, (StrLen((CHAR16*)&execParams->ExecCmd) + 1) * 2, EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ }
+
+ if (DeList->DE[DE_IDX_PWDCACHE].Type == DE_PwdCache) {
+ DCS_DEP_PWD_CACHE *pwdCache = NULL;
+ UINT64 sector = 0;
+ pwdCache = (DCS_DEP_PWD_CACHE *)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_PWDCACHE].Offset);
+ EncryptDataUnits((UINT8*)pwdCache, (UINT64_STRUCT*)§or, 1, SecRegionCryptInfo);
+ }
+
+ if (DeList->DE[DE_IDX_RND].Type == DE_Rnd) {
+ UINT8 temp[4];
+ UINT64 sector = 0;
+ DCS_RND_SAVED* rndNewSaved;
+ DCS_RND_SAVED* rndSaved = (DCS_RND_SAVED*)(SecRegionData + SecRegionOffset + DeList->DE[DE_IDX_RND].Offset);
+ if (DeList->DE[DE_IDX_RND].Length == sizeof(DCS_RND_SAVED)) {
+ if (!EFI_ERROR(res = RndLoad(rndSaved, &gRnd)) &&
+ !EFI_ERROR(res = RndGetBytes(temp, sizeof(temp))) &&
+ !EFI_ERROR(res = RndSave(gRnd, &rndNewSaved))
+ ) {
+ EFI_BLOCK_IO_PROTOCOL *bio = NULL;
+ sector = (DeList->DE[DE_IDX_RND].Offset >> 9) - 1;
+ OUT_PRINT(L"Last login %H%t%N\n", &rndSaved->SavedAt);
+
+ EncryptDataUnits((UINT8*)rndNewSaved, (UINT64_STRUCT*)§or, 1, SecRegionCryptInfo);
+ sector = SecRegionSector + (DeList->DE[DE_IDX_RND].Offset >> 9);
+
+ // get BlockIo protocol
+ bio = EfiGetBlockIO(SecRegionHandle);
+ if (bio == NULL) {
+ ERR_PRINT(L"Block io not supported\n,");
+ }
+
+ res = bio->WriteBlocks(bio, bio->Media->MediaId, sector, 512, rndNewSaved);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Write: %r\n", res);
+ }
+ }
+ }
+ }
+ }
+
+ // Select boot device
+ res = SelectDcsBootBySignature();
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Decrypt device not found\n");
+ return res;
+ }
+
+ // Change password if requested
+ if (gAuthPwdCode == AskPwdRetChange) {
+ if (gRnd != NULL)
+ {
+ res = RndPreapare();
+ if (!EFI_ERROR(res)) {
+ res = SecRegionChangePwd();
+ if (EFI_ERROR(res)) {
+ return res;
+ }
+ }
+ else {
+ ERR_PRINT(L"Random: %r\n", res);
+ }
+ }
+ else {
+ ERR_PRINT(L"Can't change password\n");
+ }
+ }
+
+ gHeaderSaltCrc32 = GetCrc32(SecRegionData + SecRegionOffset, PKCS5_SALT_SIZE);
+ return EFI_SUCCESS;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Open tables
+//////////////////////////////////////////////////////////////////////////
+UINT8* gOpenTables = NULL;
+
+BOOLEAN
+SecRegionTablesFind(UINT8* secRegion, UINTN secRegionSize, VOID** tables) {
+ UINTN pos = 0;
+ while (pos < SecRegionSize) {
+ if (TablesVerify(secRegionSize - pos, secRegion + pos)) {
+ *tables = secRegion + pos;
+ return TRUE;
+ }
+ pos += 128 * 1024;
+ }
+ return FALSE;
+}
+
+#define DCSPROP_HEADER_SIGN SIGNATURE_64('D','C','S','P','R','O','P','_')
+#define PICTPWD_HEADER_SIGN SIGNATURE_64('P','I','C','T','P','W','D','_')
+
+VOID
+VCAuthLoadConfigUpdated(UINT8* secRegion, UINTN secRegionSize) {
+ if (SecRegionTablesFind(secRegion, secRegionSize, &gOpenTables)) {
+ if (TablesGetData(gOpenTables, DCSPROP_HEADER_SIGN, &gConfigBufferUpdated, &gConfigBufferUpdatedSize)) {
+ // Reload config parameters
+ MEM_FREE(gAuthPasswordMsg);
+ gAuthPasswordMsg = NULL;
+ VCAuthLoadConfig();
+ }
+ TablesGetData(gOpenTables, PICTPWD_HEADER_SIGN, &gPictPwdBmp, &gPictPwdBmpSize);
+ }
+}
+
+VOID
+Pause(
+ IN UINTN seconds
+ )
+{
+ if (seconds) {
+ EFI_INPUT_KEY key;
+ key = KeyWait(L"%2d \r", seconds, 0, 0);
+ if (key.UnicodeChar != 0) {
+ GetKey();
+ }
+ }
+}
+
+VOID
+PauseHandleInfo(
+ IN EFI_HANDLE hndle,
+ IN UINTN seconds)
+{
+ if (seconds) {
+ EfiPrintDevicePath(hndle);
+ Pause(seconds);
+ OUT_PRINT(L"\n");
+ }
+}
+
+//////////////////////////////////////////////////////////////////////////
+// VeraCrypt Entry Point
+//////////////////////////////////////////////////////////////////////////
+EFI_STATUS
+DcsVeraCrypt(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable)
+{
+ EFI_STATUS res;
+
+ SetCleanSensitiveDataFunc(CleanSensitiveDataVC);
+
+ // Load auth parameters
+ VCAuthLoadConfig();
+
+ if (gAuthSecRegionSearch) {
+ res = PlatformGetAuthData(&SecRegionData, &SecRegionSize, &SecRegionHandle);
+ if (!EFI_ERROR(res)) {
+ VCAuthLoadConfigUpdated(SecRegionData, SecRegionSize);
+ PauseHandleInfo(SecRegionHandle, gSecRegionInfoDelay);
+ }
+ } else if (gRUD != 0) {
+ // RUD defined
+ UINTN i;
+ BOOLEAN devFound = FALSE;
+ InitUsb();
+ for (i = 0; i < gUSBCount; ++i) {
+ CHAR8* id = NULL;
+ res = UsbGetId(gUSBHandles[i], &id);
+ if (!EFI_ERROR(res) && id != NULL) {
+ INT32 rud;
+ rud = GetCrc32((unsigned char*)id, (int)AsciiStrLen(id));
+ MEM_FREE(id);
+ if (rud == gRUD) {
+ devFound = TRUE;
+ PauseHandleInfo(SecRegionHandle, gSecRegionInfoDelay);
+ break;
+ }
+ }
+ }
+ if (!devFound) return EFI_DCS_DATA_NOT_FOUND;
+ }
+
+ // Force authorization
+ if (SecRegionData == NULL && gDcsBootForce != 0) {
+ res = EFI_NOT_FOUND;
+ if (gPartitionGuidOS != NULL) {
+ // Try to find by OS partition GUID
+ UINTN i;
+ for (i = 0; i < gBIOCount; ++i) {
+ EFI_GUID guid;
+ res = EfiGetPartGUID(gBIOHandles[i], &guid);
+ if (EFI_ERROR(res)) continue;
+ if (memcmp(gPartitionGuidOS, &guid, sizeof(guid)) == 0) {
+ res = SecRegionLoadDefault(gBIOHandles[i]);
+ break;
+ }
+ }
+ } else {
+ res = SecRegionLoadDefault(gFileRootHandle);
+ }
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Failed to find Crypto Header\n");
+ return EFI_DCS_DATA_NOT_FOUND;
+ }
+ // force password type and message to simulate "press ESC to continue"
+ MEM_FREE(gAuthPasswordMsg);
+ gAuthPasswordType = gForcePasswordType;
+ gAuthPasswordMsg = gForcePasswordMsg;
+ gPasswordProgress = gForcePasswordProgress;
+ }
+
+ // ask any way? (by DcsBoot flag)
+ if (SecRegionData == NULL) {
+ if (gDcsBootForce != 0) {
+ res = SecRegionLoadDefault(gFileRootHandle);
+ if (EFI_ERROR(res)) {
+ return EFI_DCS_DATA_NOT_FOUND;
+ }
+ } else {
+ return EFI_DCS_DATA_NOT_FOUND;
+ }
+ }
+
+ res = GetBootParamsMemory();
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"No boot args memory: %r\n\r", res);
+ KeyWait(L"%02d\r", 10, 0, 0);
+ return res;
+ }
+
+ RndInit(gRndDefault, NULL, 0, &gRnd);
+
+ res = GetTpm(); // Try to get TPM
+ if (!EFI_ERROR(res)) {
+ if (gConfigBuffer != NULL) {
+ gTpm->Measure(gTpm, DCS_TPM_PCR_LOCK, gConfigBufferSize, gConfigBuffer); // Measure configuration
+ }
+ if (gTpm->IsConfigured(gTpm) && !gTpm->IsOpen(gTpm) && gTPMLockedInfoDelay) {
+ ERR_PRINT(L"TPM is configured but locked. Probably boot chain is modified!\n");
+ Pause(gTPMLockedInfoDelay);
+ }
+ }
+
+ DetectX86Features();
+ res = SecRegionTryDecrypt();
+ if (gTpm != NULL) {
+ gTpm->Lock(gTpm);
+ }
+ // Reset Console buffer
+ gST->ConIn->Reset(gST->ConIn, FALSE);
+
+ if (EFI_ERROR(res)) {
+ // clear buffers with potential authentication data
+ MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
+ MEM_BURN(&gAuthPim, sizeof(gAuthPim));
+
+ return res;
+ }
+
+ res = PrepareBootParams(BootDriveSignature, SecRegionCryptInfo);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Can not set params for OS: %r", res);
+ return res;
+ }
+
+ // Prepare decrypt
+ res = AddCryptoMount(gDcsBoot, VCBlockIO_Read, VCBlockIO_Write, SecRegionCryptInfo);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Mount %r\n", res);
+ return res;
+ }
+
+ // Install decrypt
+ res = DscInstallHook(ImageHandle, SystemTable);
+ if (EFI_ERROR(res)) {
+ ERR_PRINT(L"Bind %r\n", res);
+ return res;
+ }
+
+ return EFI_SUCCESS;
+}
diff --git a/Library/VeraCryptLib/VeraCryptLib.inf b/Library/VeraCryptLib/VeraCryptLib.inf
index e86e2fe..5e7e564 100644
--- a/Library/VeraCryptLib/VeraCryptLib.inf
+++ b/Library/VeraCryptLib/VeraCryptLib.inf
@@ -32,8 +32,6 @@ common\Volumes.c
common\Volumes.h
common\Xts.c
common\Xts.h
-common\Xml.c
-common\Xml.h
crypto\Aes.h
crypto\Aeskey.c
crypto\Aesopt.h
@@ -62,9 +60,8 @@ crypto\Camellia.c
crypto\Camellia.h
crypto\cpu.c
crypto\cpu.h
-DcsConfig.c
-DcsConfig.h
DcsVeraCrypt.c
+DcsVeraCryptImpl.c
DcsVeraCrypt.h
[Sources.X64]
diff --git a/Library/VeraCryptLib/VeraCryptLib.vcxproj b/Library/VeraCryptLib/VeraCryptLib.vcxproj
new file mode 100644
index 0000000..32b0fde
--- /dev/null
+++ b/Library/VeraCryptLib/VeraCryptLib.vcxproj
@@ -0,0 +1,151 @@
+
+
+
+
+ Debug
+ Win32
+
+
+ Release
+ Win32
+
+
+ Debug
+ x64
+
+
+ Release
+ x64
+
+
+
+ 15.0
+ {0A8B0B0A-860B-42A7-BE74-9CE16E6E415F}
+ Win32Proj
+
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+ Makefile
+ true
+ v141
+
+
+ Makefile
+ false
+ v141
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ _UEFI;_DEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ VeraCryptLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+ VeraCryptLib.exe
+ _UEFI;NDEBUG;$(NMakePreprocessorDefinitions)
+ F:\Projects\DCmod\edk2\MdePkg\Include\X64;F:\Projects\DCmod\edk2\MdePkg\Include;F:\Projects\DCmod\edk2\DcsPkg\Library\VeraCryptLib;F:\Projects\DCmod\edk2\DcsPkg\Include
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Designer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Library/VeraCryptLib/VeraCryptLib.vcxproj.filters b/Library/VeraCryptLib/VeraCryptLib.vcxproj.filters
new file mode 100644
index 0000000..6e9c40e
--- /dev/null
+++ b/Library/VeraCryptLib/VeraCryptLib.vcxproj.filters
@@ -0,0 +1,194 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;hm;inl;inc;ipp;xsd
+
+
+ {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
+ rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
+
+
+ {74834ba1-3f47-4797-9a36-7da40c271561}
+
+
+ {00df0673-ca94-4b1d-bac9-6ce7106d186f}
+
+
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Header Files
+
+
+ Header Files
+
+
+ Header Files
+
+
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Resource Files
+
+
+ Resource Files
+
+
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Crypto
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Common
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+
\ No newline at end of file
diff --git a/Library/VeraCryptLib/VeraCryptLib.vcxproj.user b/Library/VeraCryptLib/VeraCryptLib.vcxproj.user
new file mode 100644
index 0000000..6e2aec7
--- /dev/null
+++ b/Library/VeraCryptLib/VeraCryptLib.vcxproj.user
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/MkDbg.cmd b/MkDbg.cmd
new file mode 100644
index 0000000..36b5ae9
--- /dev/null
+++ b/MkDbg.cmd
@@ -0,0 +1,19 @@
+@echo off
+call dcs_bld.bat X64 VS2015
+
+if ERRORLEVEL 1 goto :exit
+
+if ["%1"]==[""] goto :exit
+
+set DCS=DCS
+mkdir %1\EFI\%DCS%\
+
+echo Copying Files to USB %1 ...
+copy %~dp0\..\Build\DcsPkg\DEBUG_VS2015x86\X64\DcsBoot.efi %1\EFI\%DCS%\DcsBoot.efi /y
+copy %~dp0\..\Build\DcsPkg\DEBUG_VS2015x86\X64\DcsInt.efi %1\EFI\%DCS%\DcsInt.dcs /y
+copy %~dp0\..\Build\DcsPkg\DEBUG_VS2015x86\X64\DcsInfo.efi %1\EFI\%DCS%\DcsInfo.dcs /y
+copy %~dp0\..\Build\DcsPkg\DEBUG_VS2015x86\X64\DcsCfg.efi %1\EFI\%DCS%\DcsCfg.dcs /y
+copy %~dp0\..\Build\DcsPkg\DEBUG_VS2015x86\X64\DcsRe.efi %1\EFI\Boot\bootx64.efi /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\LegacySpeaker.efi %1\EFI\%DCS%\LegacySpeaker.dcs /y
+
+:exit
\ No newline at end of file
diff --git a/MkRel.cmd b/MkRel.cmd
new file mode 100644
index 0000000..5b69f1e
--- /dev/null
+++ b/MkRel.cmd
@@ -0,0 +1,23 @@
+@echo off
+call dcs_bld.bat X64rel VS2015
+call dcs_bld.bat IA32rel VS2015
+
+if ERRORLEVEL 1 goto :exit
+
+mkdir %~dp0\build
+
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\DcsBoot.efi %~dp0\build\DcsBoot.efi /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\DcsInt.efi %~dp0\build\DcsInt.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\DcsInfo.efi %~dp0\build\DcsInfo.dcs /y
+rem copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\DcsCfg.efi %~dp0\build\DcsCfg.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\LegacySpeaker.efi %~dp0\build\LegacySpeaker.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\X64\DcsRe.efi %~dp0\build\DcsRe.efi /y
+
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\DcsBoot.efi %~dp0\build\DcsBoot32.efi /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\DcsInt.efi %~dp0\build\DcsInt32.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\DcsInfo.efi %~dp0\build\DcsInfo32.dcs /y
+rem copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\DcsCfg.efi %~dp0\build\DcsCfg32.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\LegacySpeaker.efi %~dp0\build\LegacySpeaker32.dcs /y
+copy %~dp0\..\Build\DcsPkg\RELEASE_VS2015x86\IA32\DcsRe.efi %~dp0\build\DcsRe32.efi /y
+
+:exit
\ No newline at end of file
diff --git a/OpenEnv.cmd b/OpenEnv.cmd
new file mode 100644
index 0000000..044b86e
--- /dev/null
+++ b/OpenEnv.cmd
@@ -0,0 +1,17 @@
+@echo off
+
+call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\Tools\VsDevCmd.bat"
+
+call "..\edksetup.bat"
+
+echo ***********************************************
+echo *
+echo * dcs_bld.bat X64 VS2015
+echo * dcs_bld.bat X64Rel VS2015
+echo *
+echo * dcs_bld.bat IA32 VS2015
+echo * dcs_bld.bat IA32rel VS2015
+echo *
+echo.
+
+cmd.exe
\ No newline at end of file