BiosResult ReadEncryptedSectors (uint16 destSegment, uint16 destOffset, byte drive, uint64 sector, uint16 sectorCount) { BiosResult result; bool decrypt = true; if (BootCryptoInfo->hiddenVolume) { if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) return BiosResultInvalidFunction; if (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) { // Remap the request to the hidden volume sector -= EncryptedVirtualPartition.StartSector; sector += HiddenVolumeStartSector; } else decrypt = false; } result = ReadSectors (destSegment, destOffset, drive, sector, sectorCount); if (result != BiosResultSuccess || !decrypt) return result; if (BootCryptoInfo->hiddenVolume) { // Convert sector number to data unit number of the hidden volume sector -= HiddenVolumeStartSector; sector += HiddenVolumeStartUnitNo; } if (drive == EncryptedVirtualPartition.Drive) { while (sectorCount-- > 0) { if (BootCryptoInfo->hiddenVolume || (sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector)) { AcquireSectorBuffer(); CopyMemory (destSegment, destOffset, SectorBuffer, TC_LB_SIZE); DecryptDataUnits (SectorBuffer, §or, 1, BootCryptoInfo); CopyMemory (SectorBuffer, destSegment, destOffset, TC_LB_SIZE); ReleaseSectorBuffer(); } ++sector; destOffset += TC_LB_SIZE; } } return result; }
static bool OpenVolume (byte drive, Password &password, CRYPTO_INFO **cryptoInfo, uint32 *headerSaltCrc32, bool skipNormal, bool skipHidden) { int volumeType; bool hiddenVolume; uint64 headerSec; AcquireSectorBuffer(); for (volumeType = 1; volumeType <= 2; ++volumeType) { hiddenVolume = (volumeType == 2); if (hiddenVolume) { if (skipHidden || PartitionFollowingActive.Drive != drive || PartitionFollowingActive.SectorCount <= ActivePartition.SectorCount) continue; headerSec = PartitionFollowingActive.StartSector + TC_HIDDEN_VOLUME_HEADER_OFFSET / TC_LB_SIZE; } else { if (skipNormal) continue; headerSec.HighPart = 0; headerSec.LowPart = TC_BOOT_VOLUME_HEADER_SECTOR; } if (ReadSectors (SectorBuffer, drive, headerSec, 1) != BiosResultSuccess) continue; if (ReadVolumeHeader (!hiddenVolume, (char *) SectorBuffer, &password, cryptoInfo, nullptr) == ERR_SUCCESS) { // Prevent opening a non-system hidden volume if (hiddenVolume && !((*cryptoInfo)->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM)) { crypto_close (*cryptoInfo); continue; } if (headerSaltCrc32) *headerSaltCrc32 = GetCrc32 (SectorBuffer, PKCS5_SALT_SIZE); break; } } ReleaseSectorBuffer(); return volumeType != 3; }
BiosResult UpdateBootSectorConfiguration (byte drive) { AcquireSectorBuffer(); BiosResult result = ReadWriteMBR (false, drive); if (result != BiosResultSuccess) goto ret; SectorBuffer[TC_BOOT_SECTOR_CONFIG_OFFSET] = BootSectorFlags; result = ReadWriteMBR (true, drive); ret: ReleaseSectorBuffer(); return result; }
BiosResult WriteEncryptedSectors (uint16 sourceSegment, uint16 sourceOffset, byte drive, uint64 sector, uint16 sectorCount) { BiosResult result; AcquireSectorBuffer(); uint64 dataUnitNo; uint64 writeOffset; dataUnitNo = sector; writeOffset.HighPart = 0; writeOffset.LowPart = 0; if (BootCryptoInfo->hiddenVolume) { if (ReadWritePartiallyCoversEncryptedArea (sector, sectorCount)) return BiosResultInvalidFunction; // Remap the request to the hidden volume writeOffset = HiddenVolumeStartSector; writeOffset -= EncryptedVirtualPartition.StartSector; dataUnitNo -= EncryptedVirtualPartition.StartSector; dataUnitNo += HiddenVolumeStartUnitNo; } while (sectorCount-- > 0) { CopyMemory (sourceSegment, sourceOffset, SectorBuffer, TC_LB_SIZE); if (drive == EncryptedVirtualPartition.Drive && sector >= EncryptedVirtualPartition.StartSector && sector <= EncryptedVirtualPartition.EndSector) { EncryptDataUnits (SectorBuffer, &dataUnitNo, 1, BootCryptoInfo); } result = WriteSectors (SectorBuffer, drive, sector + writeOffset, 1); if (result != BiosResultSuccess) break; ++sector; ++dataUnitNo; sourceOffset += TC_LB_SIZE; } ReleaseSectorBuffer(); return result; }
void ReadBootSectorUserConfiguration () { byte userConfig; AcquireSectorBuffer(); if (ReadWriteMBR (false, BootLoaderDrive, true) != BiosResultSuccess) goto ret; userConfig = SectorBuffer[TC_BOOT_SECTOR_USER_CONFIG_OFFSET]; #ifdef TC_WINDOWS_BOOT_AES EnableHwEncryption (!(userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_HW_ENCRYPTION)); #endif PreventBootMenu = (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC); memcpy (CustomUserMessage, SectorBuffer + TC_BOOT_SECTOR_USER_MESSAGE_OFFSET, TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH); CustomUserMessage[TC_BOOT_SECTOR_USER_MESSAGE_MAX_LENGTH] = 0; if (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) { if (CustomUserMessage[0]) { InitVideoMode(); Print (CustomUserMessage); } DisableScreenOutput(); } OuterVolumeBackupHeaderCrc = *(uint32 *) (SectorBuffer + TC_BOOT_SECTOR_OUTER_VOLUME_BAK_HEADER_CRC_OFFSET); ret: ReleaseSectorBuffer(); }