11/18/2018 - 3:01 AM

[XML | VeryCrypt: Individuelle Bootloader-Datei] #VeraCrypt #XML #Boot #Bootloader #EFI #Rescue #Disk #DCS #configuration #Konfiguration

[XML | VeryCrypt: Individuelle Bootloader-Datei] #VeraCrypt #XML #Boot #Bootloader #EFI #Rescue #Disk #DCS #configuration #Konfiguration

<?xml version="1.0" encoding="utf-8"?>
  <!-- EFI boot DCS configuration -->
    <!-- PasswordType 0/1
         0 - text message is displayed
         PasswordMsg to specify message
         1 - touch picture password if touch is supported by EFI. check PlatformInfo
         PasswordPicture to specify bitmap
    <config key="PasswordType">0</config>
    <config key="PasswordMsg">Password:</config>
    <config key="PasswordPicture">EFI\VeraCrypt\login.bmp</config>

    <!-- Show "*" on each key pressed or picture zone touched -->
    <config key="AuthorizeProgress">1</config>
    <!-- Show chars on each key press -->
    <config key="AuthorizeVisible">0</config>
    <!-- Show zones touched -->
    <config key="AuthorizeMarkTouch">0</config>

    <!-- Number of authorization retries -->
    <config key="AuthorizeRetry">10</config>
    <!-- Timeout in seconds before <ESC> from password prompt -->
    <config key="PasswordTimeout">0</config>

    <!-- authorization start message -->
    <config key="AuthStartMsg">Authorizing...</config>
    <!-- authorization error message -->
    <config key="AuthErrorMsg">Authorization failed. Wrong password, PIM or hash.</config>
    <!-- PictureChars specifies PasswordPicture alphabet order
         It is possible to save it on external USB if SecRegionSearch selected
    <!-- config key="PictureChars">MN/[aQ-eyPr}GT: |V^UqiI_gbdA9YwZ%f8t6S@D\"7uXl\\30R#+zH*,W4J?= BLFv]hx~E;$ .o'sp1`(>C)O{!5j2nmkcK</config -->

    <!-- AutoLogin 0/1 
    Posibility to avoid password prompt
    AutoPassword is  password by default
    Use it with PlatformLocked or TPMLocked enabled to lock password to the computer.
    <config key="AutoLogin">0</config>
    <config key="AutoPassword"></config>

    <!-- PimRqt 0/1 
    Request PIM during authorization
    PimMsg - message
    Pim - default value
    <config key="PimMsg">Pim:</config>
    <config key="Pim">0</config>
    <config key="PimRqt">1</config>

    <!-- HashRqt 0/1 
    Request hash during authorization
    HashMsg - message. It is generated if not specified
    Hash - default value
    <!-- config key="HashMsg">(0) TEST ALL (1) SHA512 (2) WHIRLPOOL (3) SHA256 (4) RIPEMD160 (5) STREEBOG
    <config key="Hash">0</config>
    <config key="HashRqt">0</config>

    <!-- PlatformLocked 0/1 (it is controled by <F7>)
    Password is mixed with data from SMBIOS and USB serial structures
    to avoid authorization on another computer
    <config key="PlatformLocked">0</config>

    <!-- TPMLocked 0/1 (it is controled by <F8>)
    Password is mixed with data from TPM
    data is in TPM NVRAM and the data is locked to PCRs selected (use configuration <F2> and "c" "t")
    BIOS modification or any other boot module blocks authorization with TPMLocked=1
    DcsProp is measured to PCR8 also.
    TPM 1.2 support only.
    <config key="TPMLocked">0</config>
    <!-- Display error if TPM configured and locked before password to inform user with pause (sec) -->
    <config key="TPMLockedInfoDelay">0</config>
    <!-- Random generator to generate salt to change password <F2> function key
    2 RDRAND
    3 PRNDGEN but state hast to be saved on external USB
    5 TPM 1.2 if pressent
    <config key="Random">2</config>

    <!-- RUD - Require USB device (authorization started if the USB is attached. "what I have")
    0 - skip
    NNNN - CRC32 decimal value of USB "VID_PID_SERIAL" string
    It is possible to configure via DcsWinCfg
    or from EFI shell: DcsCfg.dcs -ul
    <config key="RUD">0</config>

    <!-- Try to find security region -->
    <config key="SecRegionSearch">0</config>
    <!-- Display device of RUD or SecRegion found with pause (sec) -->
    <config key="SecRegionInfoDelay">0</config>

    <!-- Ask password even no USB with SecRegions found 
    ForcePasswordMsg, ForcePasswordType,ForcePasswordProgress keys can overide default values
    <config key="DcsBootForce">1</config>

    to find OS partition GUID if ESP and OS uses diffrent disks
    <!-- config key="PartitionGuidOS">XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</config-->

    <!-- Actions
    Success  - authorization OK
    NotFound - RUD of SecRegion search failed
    Failed   - <ESC> pressed or AuthorizeRetry limit

    It can contain several keywords space separated

    Exit           – simple exit (default)
    Status(code)   – override exit status code (0 is OK)
    File(path)     – path to file to be executed
    Guid(xxx-x..)  – GUID of partition with file to be executed
    Printinfo      – print guid, file and status.
    Message(msg)   – message to display for the action
    Postexec       – send loader path to DcsBoot to execute after exit
    Exec           – execute module
    Halt           – CPU halt
    Delay(N)       – delay boot
    <config key="ActionSuccess">Exit</config>
    <config key="ActionNotFound">Exit</config>
    <config key="ActionFailed">Exit</config>

    <!-- Devices to configure PicturePassword if possible. Check PlatformInfo of your computer
    GraphDevice - Graphics device and mode
    TouchDevice - Touch device
    BeepDevice  - ordinary speaker to beep on touch zone
    <!-- GraphDevice 
    -1  - initialize + autodetect
    -2  - ignore
    <n> - number in list of devices (see PlatformInfo or use DcsCfg.dcs -gl )
    <config key="GraphDevice">-1</config>
    <!-- GraphMode 
    -1 default (see PlatformInfo. or use DcsCfg.dcs -gm <n> to test)
    <config key="GraphMode">-1</config>

    -1 init + autodetect
    -2 ignore; 
    <N> number in list of devices (See platformInfo or use DcsCfg -tl and to test DcsCfg -tt <N>)
    <config key="TouchDevice">-1</config>

    <!-- TouchSimulate to use keyboard arrows to move touch <F11>/<F12> speed -->
    <config key="TouchSimulate">1</config>

    <!-- 0/1 Beep if picture zone touched -->
    <config key="Beep">0</config>
    <!-- BeepDevice (LegacySpeaker.dcs driver is used to support)
    -1  - initialize + autodetect
    <n> - number in list of devices (see PlatformInfo or use DcsCfg.dcs -gl )
    <config key="BeepDevice">-1</config>
    <!-- Beep paramters -->
    <config key="BeepNumber">1</config>
    <config key="BeepDuration">100</config>
    <config key="BeepInterval">0</config>
    <config key="BeepTone">1280</config>
    <!-- <F4> enable/disable beeps -->
    <config key="BeepControl">1</config>