BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount)
{
BiosResult result;
bool decrypt = true;
if (BootCryptoInfo->hiddenVolume)
{
if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount))
return BiosResultInvalidFunction;
if (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector)
{
// Remap the request to the hidden volume
sector -= EncryptedVirtualPartition.StartSector;
sector += HiddenVolumeStartSector;
}
else
decrypt = false;
}
result = ReadSectors (destSegment, destOffset, drive, sector, sectorCount);
if (result != BiosResultSuccess || !decrypt)
return result;
if (BootCryptoInfo->hiddenVolume)
{
// Convert sector number to data unit number of the hidden volume
sector -= HiddenVolumeStartSector;
sector += HiddenVolumeStartUnitNo;
}
if (drive == EncryptedVirtualPartition.Drive)
{
while (sectorCount-- > 0)
{
if (BootCryptoInfo->hiddenVolume
|| (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector))
{
AcquireSectorBuffer();
CopyMemory (destSegment, destOffset, SectorBuffer, TC_LB_SIZE);
DecryptDataUnits (SectorBuffer, §or, 1, BootCryptoInfo);
CopyMemory (SectorBuffer, destSegment, destOffset, TC_LB_SIZE);
ReleaseSectorBuffer();
}
++sector;
destOffset += TC_LB_SIZE;
}
}
return result;
}
static bool OpenVolume (byte drive, Password &password, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32, bool skipNormal, bool skipHidden)
{
int volumeType;
bool hiddenVolume;
uint64 headerSec;
AcquireSectorBuffer();
for (volumeType = 1; volumeType <= 2; ++volumeType)
{
hiddenVolume = (volumeType == 2);
if (hiddenVolume)
{
if (skipHidden || PartitionFollowingActive.Drive != drive || PartitionFollowingActive.SectorCount <= ActivePartition.SectorCount)
continue;
headerSec = PartitionFollowingActive.StartSector + TC_HIDDEN_VOLUME_HEADER_OFFSET / TC_LB_SIZE;
}
else
{
if (skipNormal)
continue;
headerSec.HighPart = 0;
headerSec.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR;
}
if (ReadSectors (SectorBuffer, drive, headerSec, 1) != BiosResultSuccess)
continue;
if (ReadVolumeHeader (!hiddenVolume, (char *) SectorBuffer, &password, cryptoInfo, nullptr) == ERR_SUCCESS)
{
// Prevent opening a non-system hidden volume
if (hiddenVolume && !((*cryptoInfo)->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM))
{
crypto_close (*cryptoInfo);
continue;
}
if (headerSaltCrc32)
*headerSaltCrc32 = GetCrc32 (SectorBuffer, PKCS5_SALT_SIZE);
break;
}
}
ReleaseSectorBuffer();
return volumeType != 3;
}
BiosResult UpdateBootSectorConfiguration (byte drive)
{
AcquireSectorBuffer();
BiosResult result = ReadWriteMBR (false, drive);
if (result != BiosResultSuccess)
goto ret;
SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] = BootSectorFlags;
result = ReadWriteMBR (true, drive);
ret:
ReleaseSectorBuffer();
return result;
}
BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount)
{
BiosResult result;
AcquireSectorBuffer();
uint64 dataUnitNo;
uint64 writeOffset;
dataUnitNo = sector;
writeOffset.HighPart = 0;
writeOffset.LowPart = 0;
if (BootCryptoInfo->hiddenVolume)
{
if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount))
return BiosResultInvalidFunction;
// Remap the request to the hidden volume
writeOffset = HiddenVolumeStartSector;
writeOffset -= EncryptedVirtualPartition.StartSector;
dataUnitNo -= EncryptedVirtualPartition.StartSector;
dataUnitNo += HiddenVolumeStartUnitNo;
}
while (sectorCount-- > 0)
{
CopyMemory (sourceSegment, sourceOffset, SectorBuffer, TC_LB_SIZE);
if (drive == EncryptedVirtualPartition.Drive && sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector)
{
EncryptDataUnits (SectorBuffer, &dataUnitNo, 1, BootCryptoInfo);
}
result = WriteSectors (SectorBuffer, drive, sector + writeOffset, 1);
if (result != BiosResultSuccess)
break;
++sector;
++dataUnitNo;
sourceOffset += TC_LB_SIZE;
}
ReleaseSectorBuffer();
return result;
}
void ReadBootSectorUserConfiguration ()
{
byte userConfig;
AcquireSectorBuffer();
if (ReadWriteMBR (false, BootLoaderDrive, true) != BiosResultSuccess)
goto ret;
userConfig = SectorBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET];
#ifdef TC_WINDOWS_BOOT_AES
EnableHwEncryption (!(userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION));
#endif
PreventBootMenu = (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC);
memcpy (CustomUserMessage, SectorBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH);
CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0;
if (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE)
{
if (CustomUserMessage[0])
{
InitVideoMode();
Print (CustomUserMessage);
}
DisableScreenOutput();
}
OuterVolumeBackupHeaderCrc = *(uint32 *) (SectorBuffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET);
ret:
ReleaseSectorBuffer();
}
