📄 freeotfe4pda.c
字号:
// Description:
// By Sarah Dean
// Email: sdean12@sdean12.org
// WWW: http://www.FreeOTFE.org/
//
// -----------------------------------------------------------------------------
//
#include "FreeOTFENULLGUID.h" // Must be first
#include "FreeOTFE4PDAContextMgrDevice.h"
#include "FreeOTFE4PDAContextMgrOpen.h"
#include "FreeOTFE4PDA.h"
#include "FreeOTFEDebug.h"
#include "FreeOTFElib.h"
#include "FreeOTFE4PDAlib.h"
#include "FreeOTFE4PDAAPI.h"
#include "FreeOTFE4PDARegistry.h"
#include "FreeOTFEGenerateBlockIV.h"
#include "FreeOTFECallModuleFn.h"
#include "FreeOTFE4PDAAPIConsts.h"
// KDF implementations...
#include "FreeOTFEKDFHashSaltedPassword.h"
#include "FreeOTFEKDFPBKDF2.h"
// MAC implementations...
#include "FreeOTFEMACHash.h"
#include "FreeOTFEMACHMAC.h"
#include "SDUGeneral.h"
#include <Pkfuncs.h> // Required for MapPtrToProcess(...)
BOOL G_contextMgrForceDismounts = FALSE;
// =========================================================================
BOOL WINAPI DllMain(
HANDLE hinstDLL,
DWORD dwReason,
LPVOID lpvReserved
)
{
BOOL retval = TRUE;
int majorVersion;
int minorVersion;
int revisionVersion;
int buildVersion;
#if DBG
static BOOL setDebugLevel = FALSE;
// Default to all on
// ULONG default_DebugLevel = 0xFFFFFFFF;
// Default to all except verbose debug
ULONG default_DebugLevel =
DEBUGLEV_ERROR |
DEBUGLEV_WARN |
DEBUGLEV_INFO |
DEBUGLEV_ENTER |
DEBUGLEV_EXIT;
DWORD useDebugLevel;
DEBUGOUTMAINDRV(DEBUGLEV_ENTER, (TEXT("DllMain\n")));
if (!(setDebugLevel))
{
useDebugLevel = ReadDebugLevelFromFile(DEBUGLEVEL_FILE);
if (useDebugLevel == FREEOTFE_DEBUG_LEVEL_NOT_READ)
{
useDebugLevel = default_DebugLevel;
}
FreeOTFEDebugLevel = useDebugLevel;
setDebugLevel = TRUE;
}
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Debug level : %d\n"), FreeOTFEDebugLevel));
#endif
if (!(SDUGetVersionInfo(
NULL,
&majorVersion,
&minorVersion,
&revisionVersion,
&buildVersion
)))
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Driver version: <unable to determine>\n")));
}
else
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Driver version: v%02d.%02d.%02d.%04d\n"),
majorVersion,
minorVersion,
revisionVersion,
buildVersion
));
}
switch (dwReason)
{
case DLL_PROCESS_ATTACH:
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("DLL_PROCESS_ATTACH\n")));
// We really don't care about getting
// DLL_THREAD_ATTACH/DLL_THREAD_DETACH calls; disable them
DisableThreadLibraryCalls(hinstDLL);
retval = contextMgrDevice_Init();
if (retval)
{
retval = contextMgrOpen_Init();
}
break;
}
case DLL_THREAD_ATTACH:
{
// This should never be reached; we disable thread
// DLL_THREAD_ATTACH/DLL_THREAD_DETACH calls
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("DLL_THREAD_ATTACH\n")));
break;
}
case DLL_THREAD_DETACH:
{
// This should never be reached; we disable thread
// DLL_THREAD_ATTACH/DLL_THREAD_DETACH calls
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("DLL_THREAD_DETACH\n")));
break;
}
case DLL_PROCESS_DETACH:
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("DLL_PROCESS_DETACH\n")));
contextMgrDevice_Deinit();
contextMgrOpen_Deinit();
retval = TRUE;
break;
}
}
DEBUGOUTMAINDRV(DEBUGLEV_EXIT, (TEXT("DllMain\n")));
return retval;
}
// =========================================================================
DWORD DSK_Init(
LPCTSTR pContext,
LPCVOID lpvBusContext
)
{
DWORD retval;
DEVICE_CONTEXT* devContext = NULL;
LARGE_INTEGER tmpLargeInt;
REGDETAILS_BUILTIN regdetailsBuiltin;
DIOC_MOUNT* DIOCBuffer = NULL;
PCHAR ptrMasterKey;
PCHAR ptrVolumeIV;
PCHAR ptrMetaData;
BOOL allOK = TRUE;
DWORD desiredAccess;
DWORD fileFlags;
LARGE_INTEGER dataEnd;
LARGE_INTEGER determinedMaxSize;
DWORD i;
unsigned char tmpHashBuffer[FREEOTFE_MAX_HASH_LENGTH];
unsigned int tmpHashBufferUsed;
unsigned int useHashBits;
int profileStrLen;
DEBUGOUTMAINDRV(DEBUGLEV_ENTER, (TEXT("DSK_Init\n")));
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Registry key (Active): %ls\n"), pContext));
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Mount struct : 0x%0.8x\n"), lpvBusContext));
DIOCBuffer = (DIOC_MOUNT*)lpvBusContext;
// Check param passed in...
if (allOK)
{
// Check the struct passed in is valid
if (pContext == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Registry key passed in invalid.\n")));
allOK = FALSE;
}
// Check the struct passed in is valid.
// Note that we can't do any other validation than this; we have to assume
// the struct passed in is valid
if (lpvBusContext == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Init context passed in invalid.\n")));
allOK = FALSE;
}
}
// Allocate persistant memory to store disk metadata...
if (allOK)
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("About to malloc persistant disk metadata...\n")));
devContext = malloc(sizeof(*devContext));
if (devContext == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Unable to malloc persistant disk metadata.\n")));
allOK = FALSE;
}
else
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("malloc'd disk metadata.\n")));
}
}
// From here on in, we're initing the new disk metadata
if (allOK)
{
// Blank struct
memset(devContext, 0, sizeof(*devContext));
}
// Initialize critical section...
if (allOK)
{
devContext->CriticalSection = malloc(sizeof(*devContext->CriticalSection));
if (devContext->CriticalSection == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Unable to malloc CriticalSection.\n")));
allOK = FALSE;
}
else
{
InitializeCriticalSection(devContext->CriticalSection);
}
}
// Initialize various simple members...
if (allOK)
{
devContext->OpenCount = 0;
devContext->Mounted = TRUE; // If it can't mount, we'll be destroying this
// struct, so we may as well set "Mounted" to
// TRUE, assuming everything's OK
}
// Get active registry key entries...
if (allOK)
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Getting Active registry key entries...\n")));
if (!(RegDetailsGetActiveByKey(
(WCHAR*)pContext,
//FALSE,
&(devContext->RegdetailsActive)
)))
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Failed to get active registry entries.\n")));
allOK = FALSE;
}
else
{
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("Active registry key entries:\n")));
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("ARK builtin key : %ls\n"), devContext->RegdetailsActive.Key));
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("ARK name : %ls\n"), devContext->RegdetailsActive.Name));
DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("(ARK) mountpoint: %ls\n"), devContext->RegdetailsActive.Mountpoint));
// The "Hnd" key appears to be set to the same value as returned by
// ActivateDeviceEx, however this doesn't apear documented; hence we set the
// handle explicitly on the device so we can retrieve it the device there
// later
//DEBUGOUTMAINDRV(DEBUGLEV_INFO, (TEXT("ARK Hnd : 0x%0.8x\n"), devContext->RegdetailsActive.Hnd));
}
}
// Initialize various simple members...
if (allOK)
{
devContext->DismountPending = FALSE;
devContext->MountSource = DIOCBuffer->MountSource;
}
// Volume filename...
if (allOK)
{
DEBUGOUTMAINDRV(
DEBUGLEV_INFO,
(TEXT("Filename: %ls\n"),
DIOCBuffer->Filename)
);
devContext->zzFilename = calloc(
// +1 for NULL terminator
(wcslen(DIOCBuffer->Filename) + 1),
sizeof(devContext->zzFilename[0])
);
if (devContext->zzFilename == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Unable to calloc memory to store filename\n")));
allOK = FALSE;
}
else
{
wcscpy(devContext->zzFilename, DIOCBuffer->Filename);
DEBUGOUTMAINDRV(
DEBUGLEV_INFO,
(TEXT("Volume filename: %ls\n"),
devContext->zzFilename)
);
}
}
// Mountpoint...
if (allOK)
{
DEBUGOUTMAINDRV(
DEBUGLEV_INFO,
(TEXT("Mountpoint: %ls\n"),
DIOCBuffer->Mountpoint)
);
devContext->Mountpoint = calloc(
// +1 for NULL terminator
(wcslen(DIOCBuffer->Mountpoint) + 1),
sizeof(devContext->Mountpoint[0])
);
if (devContext->Mountpoint == NULL)
{
DEBUGOUTMAINDRV(DEBUGLEV_ERROR, (TEXT("Unable to calloc memory to store mountpoint\n")));
allOK = FALSE;
}
else
{
wcscpy(devContext->Mountpoint, DIOCBuffer->Mountpoint);
DEBUGOUTMAINDRV(
DEBUGLEV_INFO,
(TEXT("Mountpoint: %ls\n"),
devContext->Mountpoint)
);
}
}
// Get file attributes...
// Note: File attributes obtained before opening file, file timestamps
// obtained after opening file
if (allOK)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -