
I have the following problem: I am trying to unlock a BitLocker volume (by using the unique drive ID) and assign a mount point after it's unlocked. The reason I try to do this in the previously mentioned order is that if I assign a drive letter before it's unlocked, Windows Autorun will try to open it and will prompt an error message (e.g. Cannot open F:\ because it's encrypted).

I am using the Win32 API to get the BitLocker volume ID and set the mount point. The unlocking part is done using a call to PowerShell from a C++ program (using system(), WinExe(), CreateProcess(), etc.).

The following sequence works (but has the drawback mentioned above): Find the BitLocker volume ID -> Set mount point/volume letter for it -> Unlock using system + PS script with volume letter argument.

What I am trying to do is: Find BitLocker volume ID -> Unlock using system + PS script with volume ID argument -> Set mount point/volume letter of unlocked volume.

The second method is not working: the volume is encrypted after the Set mount point function gives it a drive letter. The only hint I have is that the PS script is not working from the C++ program when using the volume ID as parameter (instead of the drive letter).

PowerShell script (with drive letter as parameter):

```
start powershell.exe -WindowStyle Hidden Set-ExecutionPolicy Unrestricted; Unlock-BitLocker -MountPoint "F:\" -RecoveryPassword ..........
```

PowerShell script (with Volume ID as parameter, not working):

```
start powershell.exe -WindowStyle Hidden Set-ExecutionPolicy Unrestricted; Unlock-BitLocker -MountPoint "\\?\Volume{00000000-0000-0000-0000-000000000000}\" -RecoveryPassword ..........
```

C++ code snapshot (working version):

```cpp
/* Code that identifies the VolumeID for the BitLocker volume */
SetVolumeMountPointW(L"F:\\", VolumeID);  // this sets the mount point for the BitLocker volume
system(ps_script_drive_letter);  // this does the unlocking thing; also works with WinExe; haven't tried CreateProcess but I think it works with that function also;
```

C++ code snapshot (not-working version):

```cpp
/* Code that identifies the VolumeID...... */
system(ps_script_volume_id); // this doesn't seem to be working; in debug mode, after I execute this and assign a drive letter using Windows Drive Management the BitLocker volume is locked;
SetVolumeMountPointW(L"F:\\", VolumeID);  // same as above
```

I also tested the PowerShell command `Unlock-BitLocker -MountPoint "\\?\Volume{00000000-0000-0000-0000-000000000000}\" -RecoveryPassword ..........` and it is working when executed from PowerShell (but not from inside the C++ app). If I assign the mount point from the Windows GUI it works OK (the BitLocker volume is unlocked). If I assign the mount point from C++ code, it gets locked.

Hope we can find a workaround for this problem (or what I am doing wrong in the code above). Thanks :)

Sebastian
  • I strongly believe that you need to have the `SetVolumeMountPointW` command used in a single line with System(ps_script_drive_letter). You need to use a semicolon and keep adding the next set of commands and execute it in a single shot. Again, I am not an expert in C++ but that's what I felt. – Ranadip Dutta Nov 04 '22 at 11:40
  • C++ doesn't care how you lay out your statements. Placing two statements on a single line produces the exact same program as having them on individual lines, or with a billion empty lines in between. – IInspectable Nov 04 '22 at 14:00
  • Does the local volume already have a drive letter? If so, SetVolumeMountPoint will fail. And try to use [GetVolumeNameForVolumeMountPoint](https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-getvolumenameforvolumemountpointw) to obtain a volume GUID path. I suggest you refer to the Docs: [Unlock-BitLocker](https://learn.microsoft.com/en-us/powershell/module/bitlocker/unlock-bitlocker?view=windowsserver2022-ps) and [Assigning a Drive Letter to a Volume](https://learn.microsoft.com/en-us/windows/win32/fileio/assigning-a-drive-letter-to-a-volume) – Jeaninez - MSFT Nov 07 '22 at 08:18
  • @Jeaninez-MSFT I have checks for that case you mentioned. The problem is not with SetVolumeMountPoint, as it usually gets the job done. Also, the Volume Name is an input, I already have it. It seems to me the problem is from the powershell command/system call. – Sebastian Nov 07 '22 at 09:14
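
An added example, not part of the original question or its comments: portable C++ that builds the unlock command with `-EncodedCommand`, so the `{...}` and trailing `\` of the volume GUID path never pass through cmd.exe or PowerShell argument quoting. That quoting is a factor in the behaviour described above is an assumption the thread does not confirm; the function names and the `BL_RECOVERY_PASSWORD` environment variable are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>

// PowerShell single-quoted literal: nothing inside is expanded or parsed,
// so braces and a trailing backslash are safe; an embedded ' is doubled.
std::string psSingleQuote(const std::string& value) {
    std::string out = "'";
    for (char c : value) { out += c; if (c == '\'') out += c; }
    return out + "'";
}

// Base64 of the script as UTF-16LE, the form -EncodedCommand expects.
// Assumes an ASCII-only script (each char becomes the byte pair c, 0x00).
std::string encodeForPowerShell(const std::string& asciiScript) {
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    std::string bytes;
    for (char c : asciiScript) { bytes += c; bytes += '\0'; }
    std::string out;
    for (std::size_t i = 0; i < bytes.size(); i += 3) {
        std::size_t n = bytes.size() - i;  // bytes left in this group (>= 1)
        std::uint32_t v = static_cast<std::uint8_t>(bytes[i]) << 16;
        if (n > 1) v |= static_cast<std::uint8_t>(bytes[i + 1]) << 8;
        if (n > 2) v |= static_cast<std::uint8_t>(bytes[i + 2]);
        out += tbl[(v >> 18) & 63];
        out += tbl[(v >> 12) & 63];
        out += n > 1 ? tbl[(v >> 6) & 63] : '=';
        out += n > 2 ? tbl[v & 63] : '=';
    }
    return out;
}

// Hypothetical: the parent sets BL_RECOVERY_PASSWORD in the child's
// environment, keeping the recovery password off the command line.
std::string unlockScript(const std::string& volumeGuidPath) {
    return "Unlock-BitLocker -MountPoint " + psSingleQuote(volumeGuidPath) +
           " -RecoveryPassword $env:BL_RECOVERY_PASSWORD";
}

// No `start` prefix: system(), or CreateProcess plus a wait, then blocks until
// PowerShell exits. -ExecutionPolicy applies to this one process only.
std::string unlockCommandLine(const std::string& volumeGuidPath) {
    return "powershell.exe -NoProfile -NonInteractive -ExecutionPolicy "
           "RemoteSigned -EncodedCommand " +
           encodeForPowerShell(unlockScript(volumeGuidPath));
}

int main() {  // constructed all-zero GUID, as in the question
    std::cout << unlockCommandLine(
        "\\\\?\\Volume{00000000-0000-0000-0000-000000000000}\\") << "\n";
}
```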

0 Answers