In my python 2 script, I am trying to connect to the VeraCrypt device driver to
get some information on my mounted volumes.
This is what I have so far. I tried a bunch of different ideas on how to
construct the input buffer for the DeviceIoControl function call but I keep
getting the following response.
Traceback (most recent call last):
File "test.py", line 188, in <module>
info=win32file.DeviceIoControl(hDisk,VC_IOCTL_GET_VOLUME_PROPERTIES,b'x05x00x00x00'
+ (b'x00' * 702),65536)
pywintypes.error: (87, 'DeviceIoControl', 'The parameter is incorrect.')
I would appreciate any direction anyone can give. I have seen success with
making calls to win32file.DeviceIoControl when an input buffer wasn't needed
but this one needs this information passed to it for it to work.
Thanks!
Doug
=======
import ctypes
import win32api
import win32file
import win32con
import winioctlcon
import struct
#
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/d4drvif/nf-d4drvif-ctl_code
#
https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/specifying-device-types
FILE_DEVICE_UNKNOWN=0x00000022
METHOD_BUFFERED=0
METHOD_IN_DIRECT=1
METHOD_OUT_DIRECT=2
METHOD_NEITHER=3
FILE_ANY_ACCESS=0x0000
FILE_READ_ACCESS=0x0001
FILE_WRITE_ACCESS=0x0002
def CTL_CODE(DeviceType, Function, Method, Access):
return (DeviceType << 16) | (Access << 14) | (Function << 2) | Method
#define VC_IOCTL(CODE) (CTL_CODE (FILE_DEVICE_UNKNOWN, 0x800 + (CODE),
METHOD_BUFFERED, FILE_ANY_ACCESS))
def VC_IOCTL(CODE):
return (CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800 + (CODE), METHOD_BUFFERED,
FILE_ANY_ACCESS))
VC_IOCTL_GET_MOUNTED_VOLUMES = VC_IOCTL(6)
VC_IOCTL_GET_VOLUME_PROPERTIES = VC_IOCTL (7)
VC_IOCTL_GET_BOOT_ENCRYPTION_STATUS = VC_IOCTL (18)
VC_IOCTL_GET_BOOT_DRIVE_VOLUME_PROPERTIES = VC_IOCTL (22)
VC_IOCTL_EMERGENCY_CLEAR_KEYS = VC_IOCTL (41)
INVALID_HANDLE_VALUE=-1
FILE_SHARE_READ=0x00000001
FILE_SHARE_WRITE=0x00000002
OPEN_EXISTING=3
path = "\\\\.\\VeraCrypt"
access_flag = 0
share_flag = FILE_SHARE_READ | FILE_SHARE_WRITE
hDisk =
win32file.CreateFile(path,0,win32file.FILE_SHARE_READ|win32file.FILE_SHARE_WRITE,None,win32file.OPEN_EXISTING,0,None)
class VOLUME_PROPERTIES_STRUCT(ctypes.Structure):
_fields_ = [('driveNo', ctypes.c_int),
('uniqueId', ctypes.c_int),
('wszVolume', ctypes.c_wchar * 260),
('diskLength', ctypes.c_uint64),
('ea', ctypes.c_int),
('mode', ctypes.c_int),
('pkcs5', ctypes.c_int),
('pkcs5Iterations', ctypes.c_int),
('hiddenVolume', ctypes.c_long),
('readOnly', ctypes.c_long),
('removable', ctypes.c_long),
('partitionInInactiveSysEncScope', ctypes.c_long),
('volFormatVersion', ctypes.c_uint32),
('totalBytesRead', ctypes.c_uint64),
('totalBytesWritten', ctypes.c_uint64),
('hiddenVolProtection', ctypes.c_int),
('volFormatVersion', ctypes.c_int),
('volumePim', ctypes.c_int),
('wszLabel', ctypes.c_wchar * 33),
('bDriverSetLabel', ctypes.c_long),
('volumeID', ctypes.c_wchar * 32),
('mountDisabled', ctypes.c_long)]
prop = VOLUME_PROPERTIES_STRUCT()
prop.driveNo = 5
#info=win32file.DeviceIoControl(hDisk,VC_IOCTL_GET_VOLUME_PROPERTIES,struct.pack('ii520sQiiiiLLLLLQQiii66sL64sL',prop),17424)
#info=win32file.DeviceIoControl(hDisk,VC_IOCTL_GET_VOLUME_PROPERTIES,struct.pack('ii520sQiiiiLLLLLQQiii66sL64sL',5,0,'a'
* 520,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,'a' * 66,0,'a' * 64,0),17424)
info=win32file.DeviceIoControl(hDisk,VC_IOCTL_GET_VOLUME_PROPERTIES,b'0x00' +
b'x05x00x00x00' + b'x00' * 702),65536)
I based what I have done on the following C code from VeraStatus
(veracrypt/VeraStatus: Command line tool to get technical information about
VeraCrypt mounted volumes and system encryption
(github.com)<https://github.com/veracrypt/VeraStatus>). Here are what I
believe are relevant sections.
#define VC_IOCTL(CODE) (CTL_CODE (FILE_DEVICE_UNKNOWN, 0x800 + (CODE),
METHOD_BUFFERED, FILE_ANY_ACCESS))
#define VC_IOCTL_GET_MOUNTED_VOLUMES VC_IOCTL (6)
#define VOLUME_ID_SIZE 32
typedef struct
{
int driveNo;
int uniqueId;
wchar_t wszVolume[260];
unsigned __int64 diskLength;
int ea;
int mode;
int pkcs5;
int pkcs5Iterations;
BOOL hiddenVolume;
BOOL readOnly;
BOOL removable;
BOOL partitionInInactiveSysEncScope;
unsigned __int32 volumeHeaderFlags;
unsigned __int64 totalBytesRead;
unsigned __int64 totalBytesWritten;
int hiddenVolProtection;
int volFormatVersion;
int volumePim;
wchar_t wszLabel[33];
BOOL bDriverSetLabel;
unsigned char volumeID[VOLUME_ID_SIZE];
BOOL mountDisabled;
} VOLUME_PROPERTIES_STRUCT;
VOLUME_PROPERTIES_STRUCT prop;
prop.driveNo = _totupper(argv[1][0]) - TEXT('A');
if (DeviceIoControl (hDriver, VC_IOCTL_GET_VOLUME_PROPERTIES, &prop, sizeof
(prop), &prop, sizeof (prop), &cbBytesReturned, NULL))
_______________________________________________
python-win32 mailing list
[email protected]
https://mail.python.org/mailman/listinfo/python-win32
