truecrypt-bootencryption.diff

diff --git a/Common/BootEncryption.cpp b/Common/BootEncryption.cpp
index 83571ab..0ca1863 100644
--- a/Common/BootEncryption.cpp
+++ b/Common/BootEncryption.cpp
@@ -1861,6 +1861,8 @@ namespace TrueCrypt
 
 	void BootEncryption::CheckRequirements ()
 	{
+		AbortProcess ("INSECURE_APP");
+
 		if (nCurrentOS == WIN_2000)
 			throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_CURRENT_OS");
  
@@ -2232,72 +2234,13 @@ namespace TrueCrypt
 
 	void BootEncryption::PrepareHiddenOSCreation (int ea, int mode, int pkcs5)
 	{
-		BootEncryptionStatus encStatus = GetStatus();
-		if (encStatus.DriveMounted)
-			throw ParameterIncorrect (SRC_POS);
-
-		CheckRequirements();
-		BackupSystemLoader();
-
-		SelectedEncryptionAlgorithmId = ea;
+		AbortProcess ("INSECURE_APP");
 	}
 
 
 	void BootEncryption::PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, const string &rescueIsoImagePath)
 	{
-		BootEncryptionStatus encStatus = GetStatus();
-		if (encStatus.DriveMounted)
-			throw ParameterIncorrect (SRC_POS);
-
-		CheckRequirements ();
-
-		SystemDriveConfiguration config = GetSystemDriveConfiguration();
-
-		// Some chipset drivers may prevent access to the last sector of the drive
-		if (!systemPartitionOnly)
-		{
-			DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber);
-			Buffer sector (geometry.BytesPerSector);
-
-			Device device (config.DevicePath);
-
-			try
-			{
-				device.SeekAt (config.DrivePartition.Info.PartitionLength.QuadPart - geometry.BytesPerSector);
-				device.Read (sector.Ptr(), sector.Size());
-			}
-			catch (SystemException &e)
-			{
-				if (e.ErrorCode != ERROR_CRC)
-				{
-					e.Show (ParentWindow);
-					Error ("WHOLE_DRIVE_ENCRYPTION_PREVENTED_BY_DRIVERS");
-					throw UserAbort (SRC_POS);
-				}
-			}
-		}
-
-		BackupSystemLoader ();
-
-		uint64 volumeSize;
-		uint64 encryptedAreaStart;
-
-		if (systemPartitionOnly)
-		{
-			volumeSize = config.SystemPartition.Info.PartitionLength.QuadPart;
-			encryptedAreaStart = config.SystemPartition.Info.StartingOffset.QuadPart;
-		}
-		else
-		{
-			volumeSize = config.DrivePartition.Info.PartitionLength.QuadPart - TC_BOOT_LOADER_AREA_SIZE;
-			encryptedAreaStart = config.DrivePartition.Info.StartingOffset.QuadPart + TC_BOOT_LOADER_AREA_SIZE;
-		}
-
-		SelectedEncryptionAlgorithmId = ea;
-		CreateVolumeHeader (volumeSize, encryptedAreaStart, &password, ea, mode, pkcs5);
-		
-		if (!rescueIsoImagePath.empty())
-			CreateRescueIsoImage (true, rescueIsoImagePath);
+		AbortProcess ("INSECURE_APP");
 	}
 
 	bool BootEncryption::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly)
@@ -2358,19 +2301,7 @@ namespace TrueCrypt
 
 	void BootEncryption::StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors)
 	{
-		BootEncryptionStatus encStatus = GetStatus();
-
-		if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress)
-			throw ParameterIncorrect (SRC_POS);
-
-		BootEncryptionSetupRequest request;
-		ZeroMemory (&request, sizeof (request));
-		
-		request.SetupMode = SetupEncryption;
-		request.WipeAlgorithm = wipeAlgorithm;
-		request.ZeroUnreadableSectors = zeroUnreadableSectors;
-
-		CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0);
+		AbortProcess ("INSECURE_APP");
 	}
 
 	void BootEncryption::CopyFileAdmin (const string &sourceFile, const string &destinationFile)

truecrypt-bootmain.diff

diff --git a/Boot/Windows/BootMain.cpp b/Boot/Windows/BootMain.cpp
index 5d4b942..0b6e6a6 100644
--- a/Boot/Windows/BootMain.cpp
+++ b/Boot/Windows/BootMain.cpp
@@ -75,7 +75,9 @@ static void PrintMainMenu ()
 
 #endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE
 
-	PrintEndl (3);
+	PrintEndl (2);
+	Print ("WARNING: Using TrueCrypt is not secure");
+	PrintEndl (2);
 }
 
 
@@ -574,125 +576,6 @@ static void BootMenu ()
 
 #ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE
 
-static bool CopySystemPartitionToHiddenVolume (byte drive, byte &exitKey)
-{
-	bool status = false;
-
-	uint64 sectorsRemaining;
-	uint64 sectorOffset;
-	sectorOffset.LowPart = 0;
-	sectorOffset.HighPart = 0;
-
-	int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS
-	int statCount;
-
-	if (!CheckMemoryRequirements ())
-		goto err;
-
-	if (!GetSystemPartitions (drive))
-		goto err;
-
-	if (PartitionFollowingActive.Drive == TC_INVALID_BIOS_DRIVE)
-		TC_THROW_FATAL_EXCEPTION;
-
-	// Check if BIOS can read the last sector of the hidden system
-	AcquireSectorBuffer();
-
-	if (ReadSectors (SectorBuffer, PartitionFollowingActive.Drive, PartitionFollowingActive.EndSector - (TC_VOLUME_HEADER_GROUP_SIZE / TC_LB_SIZE - 2), 1) != BiosResultSuccess
-		|| GetCrc32 (SectorBuffer, sizeof (SectorBuffer)) != OuterVolumeBackupHeaderCrc)
-	{
-		PrintErrorNoEndl ("Your BIOS does not support large drives");
-		Print (IsLbaSupported (PartitionFollowingActive.Drive) ? " due to a bug" : "\r\n- Enable LBA in BIOS");
-		PrintEndl();
-		Print (TC_BOOT_STR_UPGRADE_BIOS);
-
-		ReleaseSectorBuffer();
-		goto err;
-	}
-
-	ReleaseSectorBuffer();
-
-	if (!MountVolume (drive, exitKey, true, false))
-		return false;
-
-	sectorsRemaining = EncryptedVirtualPartition.SectorCount;
-
-	if (!(sectorsRemaining == ActivePartition.SectorCount))
-		TC_THROW_FATAL_EXCEPTION;
-
-	InitScreen();
-	Print ("\r\nCopying system to hidden volume. To abort, press Esc.\r\n\r\n");
-
-	while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0)
-	{
-		if (EscKeyPressed())
-		{
-			Print ("\rIf aborted, copying will have to start from the beginning (if attempted again).\r\n");
-			if (AskYesNo ("Abort"))
-				break;
-		}
-
-		if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount)
-			fragmentSectorCount = (int) sectorsRemaining.LowPart;
-
-		if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, ActivePartition.StartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess)
-		{
-			Print ("To fix bad sectors: 1) Terminate 2) Encrypt and decrypt sys partition 3) Retry\r\n");
-			crypto_close (BootCryptoInfo);
-			goto err;
-		}
-
-		AcquireSectorBuffer();
-
-		for (int i = 0; i < fragmentSectorCount; ++i)
-		{
-			CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE);
-
-			uint64 s = HiddenVolumeStartUnitNo + sectorOffset + i;
-			EncryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo);
-
-			CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE);
-		} 
-
-		ReleaseSectorBuffer();
-
-		if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, HiddenVolumeStartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess)
-		{
-			crypto_close (BootCryptoInfo);
-			goto err;
-		}
-
-		sectorsRemaining = sectorsRemaining - fragmentSectorCount;
-		sectorOffset = sectorOffset + fragmentSectorCount;
-
-		if (!(statCount++ & 0xf))
-		{
-			Print ("\rRemaining: ");
-			PrintSectorCountInMB (sectorsRemaining);
-		}
-	}
-
-	crypto_close (BootCryptoInfo);
-
-	if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0)
-	{
-		status = true;
-		Print ("\rCopying completed.");
-	}
-
-	PrintEndl (2);
-	goto ret;
-
-err:
-	exitKey = TC_BIOS_KEY_ESC;
-	GetKeyboardChar();
-
-ret:
-	EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments));
-	return status;
-}
-
-
 #else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE
 
 
@@ -1105,29 +988,7 @@ void main ()
 
 #ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE
 
-		// Hidden system setup
-		byte hiddenSystemCreationPhase = BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE;
-
-		if (hiddenSystemCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE)
-		{
-			PreventNormalSystemBoot = true;
-			PrintMainMenu();
-
-			if (hiddenSystemCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_CLONING)
-			{
-				if (CopySystemPartitionToHiddenVolume (BootDrive, exitKey))
-				{
-					BootSectorFlags = (BootSectorFlags & ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) | TC_HIDDEN_OS_CREATION_PHASE_WIPING;
-					UpdateBootSectorConfiguration (BootLoaderDrive);
-				}
-				else if (exitKey == TC_BIOS_KEY_ESC)
-					goto bootMenu;
-				else
-					continue;
-			}
-		}
-		else
-			PrintMainMenu();
+		PrintMainMenu();
 
 		exitKey = BootEncryptedDrive();

truecrypt-readme.diff

diff --git a/Readme.txt b/Readme.txt
index 2c1d1ab..ec8bc20 100644
--- a/Readme.txt
+++ b/Readme.txt
@@ -1,4 +1,12 @@
-This archive contains the source code of TrueCrypt 7.1a.
+
+WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues
+
+The development of TrueCrypt was ended in 5/2014 after Microsoft terminated
+support of Windows XP. Windows 8/7/Vista and later offer integrated support for
+encrypted disks and virtual disk images. Such integrated support is also
+available on other platforms. You should migrate any data encrypted by TrueCrypt
+to encrypted disks or virtual disk images supported on your platform.
+
 
 
 Important
@@ -23,14 +31,6 @@ I. Windows
 II. Linux and Mac OS X
 	Requirements for Building TrueCrypt for Linux and Mac OS X
 	Instructions for Building TrueCrypt for Linux and Mac OS X
-	
-III. FreeBSD and OpenSolaris
-
-IV. Third-Party Developers (Contributors)
-
-V. Legal Information
-
-VI. Further Information
 
 
 
@@ -41,33 +41,14 @@ Requirements for Building TrueCrypt for Windows:
 ------------------------------------------------
 
 - Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible)
-- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads)
+- Microsoft Visual C++ 1.52
 - Microsoft Windows SDK for Windows 7 (configured for Visual C++)
 - Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1)
 - RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
-  header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20)
+  header files
 - NASM assembler 2.08 or compatible
 - gzip compressor
 
-IMPORTANT:
-
-The 64-bit editions of Windows Vista and later versions of Windows, and in
-some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not
-allow the TrueCrypt driver to run without an appropriate digital signature.
-Therefore, all .sys files in official TrueCrypt binary packages are digitally
-signed with the digital certificate of the TrueCrypt Foundation, which was
-issued by a certification authority. At the end of each official .exe and
-.sys file, there are embedded digital signatures and all related certificates
-(i.e. all certificates in the relevant certification chain, such as the
-certification authority certificates, CA-MS cross-certificate, and the
-TrueCrypt Foundation certificate). Keep this in mind if you compile TrueCrypt
-and compare your binaries with the official binaries. If your binaries are
-unsigned, the sizes of the official binaries will usually be approximately
-10 KB greater than sizes of your binaries (there may be further differences
-if you use a different version of the compiler, or if you install a different
-or no service pack for Visual Studio, or different hotfixes for it, or if you
-use different versions of the required SDKs).
-
 
 Instructions for Building TrueCrypt for Windows:
 ------------------------------------------------
@@ -111,13 +92,11 @@ Requirements for Building TrueCrypt for Linux and Mac OS X:
 - NASM assembler 2.08 or compatible (x86/x64 architecture only)
 - pkg-config
 - wxWidgets 2.8 shared library and header files installed or
-  wxWidgets 2.8 library source code (available at http://www.wxwidgets.org)
-- FUSE library and header files (available at http://fuse.sourceforge.net
-  and http://code.google.com/p/macfuse)
+  wxWidgets 2.8 library source code
+- FUSE library and header files
 - RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
-  header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20)
-  located in a standard include path or in a directory defined by the
-  environment variable 'PKCS11_INC'.
+  header files located in a standard include path or in a directory
+  defined by the environment variable 'PKCS11_INC'
 
 
 Instructions for Building TrueCrypt for Linux and Mac OS X:
@@ -152,58 +131,3 @@ library, use the 'NOGUI' parameter:
 
    $ make NOGUI=1 WX_ROOT=/usr/src/wxWidgets wxbuild
    $ make NOGUI=1 WXSTATIC=1
-
-
-
-III. FreeBSD and OpenSolaris
-============================
-
-Support status for FreeBSD: http://www.truecrypt.org/misc/freebsd
-Support status for OpenSolaris: http://www.truecrypt.org/misc/opensolaris
-
-
-
-IV. Third-Party Developers (Contributors)
-=========================================
-
-If you intend to implement a feature, please contact us first to make sure:
-
-1) That the feature has not been implemented (we may have already implemented
-   it, but haven't released the code yet).
-2) That the feature is acceptable.
-3) Whether we need help of third-party developers with implementing the feature.
-
-Information on how to contact us can be found at:
-http://www.truecrypt.org/contact
-
-
-
-V. Legal Information
-====================
-
-Copyright Information
----------------------
-
-This software as a whole:
-Copyright (c) 2012 TrueCrypt Developers Association. All rights reserved.
-
-Portions of this software:
-Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved.
-Copyright (c) 1998-2000 Paul Le Roux. All rights reserved.
-Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved.
-Copyright (c) 2002-2004 Mark Adler. All rights reserved.
-For more information, please see the legal notices attached to parts of the
-source code.
-
-Trademark Information
----------------------
-
-Any trademarks contained in the source code, binaries, and/or in the 
-documentation, are the sole property of their respective owners.
-
-
-
-VI. Further Information
-=======================
-
-http://www.truecrypt.org