VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-12-15 23:14:42 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-12-15 23:17:59 (GMT)
commitc27461572ca09705c16f26a1e9128ff3a4ebdda0 (patch)
tree41eff1e362c745d21e0cf90cb7d276dfb3cfff66
parent634916230311eed9c6969aa516f4b9601438f9d3 (diff)
downloadVeraCrypt-c27461572ca09705c16f26a1e9128ff3a4ebdda0.zip
VeraCrypt-c27461572ca09705c16f26a1e9128ff3a4ebdda0.tar.gz
Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption.
-rw-r--r--src/Common/Apidrvr.h3
-rw-r--r--src/Common/BootEncryption.cpp7
-rw-r--r--src/Common/BootEncryption.h2
-rw-r--r--src/Common/Cache.c6
-rw-r--r--src/Common/Cache.h2
-rw-r--r--src/Common/Common.h1
-rw-r--r--src/Common/Common.rc23
-rw-r--r--src/Common/Crypto.h20
-rw-r--r--src/Common/Dlgcode.c17
-rw-r--r--src/Common/Dlgcode.h4
-rw-r--r--src/Common/Format.c2
-rw-r--r--src/Common/Language.xml3
-rw-r--r--src/Common/Password.c4
-rw-r--r--src/Common/Password.h2
-rw-r--r--src/Common/Resource.h6
-rw-r--r--src/Common/Volumes.c13
-rw-r--r--src/Common/Volumes.h4
-rw-r--r--src/Driver/DriveFilter.c53
-rw-r--r--src/Driver/Ntdriver.c6
-rw-r--r--src/Driver/Ntvol.c2
-rw-r--r--src/Format/InPlace.c9
-rw-r--r--src/Format/InPlace.h2
-rw-r--r--src/Format/Tcformat.c55
-rw-r--r--src/Format/Tcformat.h2
-rw-r--r--src/Mount/MainCom.cpp17
-rw-r--r--src/Mount/MainCom.h2
-rw-r--r--src/Mount/MainCom.idl3
-rw-r--r--src/Mount/Mount.c218
-rw-r--r--src/Mount/Mount.h5
-rw-r--r--src/Mount/Mount.rc63
-rw-r--r--src/Mount/Resource.h6
-rw-r--r--src/Setup/ComSetup.cpp2
32 files changed, 426 insertions, 138 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index ac6f3fb..ac1689b 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -100,6 +100,8 @@ typedef struct
Password ProtectedHidVolPassword; /* Password to the hidden volume to be protected against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
+ int pkcs5_prf;
+ int ProtectedHidVolPkcs5Prf;
} MOUNT_STRUCT;
typedef struct
@@ -235,6 +237,7 @@ typedef struct
typedef struct
{
Password VolumePassword;
+ int pkcs5_prf;
} ReopenBootVolumeHeaderRequest;
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 824e3b6..47f6418 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -1638,7 +1638,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
- ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, NULL, cryptoInfo);
+ ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, NULL, cryptoInfo);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@@ -2117,7 +2117,7 @@ namespace VeraCrypt
}
- int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount)
+ int BootEncryption::ChangePassword (Password *oldPassword, int old_pkcs5,Password *newPassword, int pkcs5, int wipePassCount)
{
BootEncryptionStatus encStatus = GetStatus();
@@ -2159,7 +2159,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL;
- int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, &cryptoInfo, NULL);
+ int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0)
@@ -2257,6 +2257,7 @@ namespace VeraCrypt
{
ReopenBootVolumeHeaderRequest reopenRequest;
reopenRequest.VolumePassword = *newPassword;
+ reopenRequest.pkcs5_prf = cryptoInfo->pkcs5;
finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); });
CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest));
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index db1eb42..585b842 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -141,7 +141,7 @@ namespace VeraCrypt
void AbortSetup ();
void AbortSetupWait ();
void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0);
- int ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount);
+ int ChangePassword (Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount);
void CheckDecoyOSWipeResult ();
void CheckEncryptionSetupResult ();
void CheckRequirements ();
diff --git a/src/Common/Cache.c b/src/Common/Cache.c
index e119681..2ecf9d8 100644
--- a/src/Common/Cache.c
+++ b/src/Common/Cache.c
@@ -21,7 +21,7 @@ Password CachedPasswords[CACHE_SIZE];
int cacheEmpty = 1;
static int nPasswordIdx = 0;
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo)
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i;
@@ -29,7 +29,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
/* Attempt to recognize volume using mount password */
if (password->Length > 0)
{
- nReturnCode = ReadVolumeHeader (bBoot, header, password, retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@@ -59,7 +59,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
{
if (CachedPasswords[i].Length > 0)
{
- nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG)
break;
diff --git a/src/Common/Cache.h b/src/Common/Cache.h
index 18324a5..3c68479 100644
--- a/src/Common/Cache.h
+++ b/src/Common/Cache.h
@@ -19,5 +19,5 @@
extern int cacheEmpty;
void AddPasswordToCache (Password *password);
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo);
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo);
void WipeCache (void);
diff --git a/src/Common/Common.h b/src/Common/Common.h
index ef25ec1..d4375b5 100644
--- a/src/Common/Common.h
+++ b/src/Common/Common.h
@@ -76,6 +76,7 @@ typedef struct
Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
+ int ProtectedHidVolPkcs5Prf;
} MountOptions;
#endif
diff --git a/src/Common/Common.rc b/src/Common/Common.rc
index 13b9f97..4f4dfb3 100644
--- a/src/Common/Common.rc
+++ b/src/Common/Common.rc
@@ -65,7 +65,7 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14
END
-IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 172
+IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 204
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Mount Options"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -78,16 +78,18 @@ BEGIN
CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10
EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,123,90,10
- CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,136,90,10
- PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,125,60,14
- LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,151,247,10,SS_NOTIFY
+ CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,146,90,10
+ CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,159,90,10
+ PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,148,60,14
+ LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,174,247,10,SS_NOTIFY
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
- GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,95
+ GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,120
CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
+ COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17
END
IDD_KEYFILES DIALOGEX 0, 0, 345, 237
@@ -307,12 +309,13 @@ BEGIN
LTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,8,274,9
END
-IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 42
+IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 61
STYLE DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION
CAPTION "VeraCrypt"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
- CTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,11,274,9
+ CTEXT "Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.",IDT_STATIC_MODAL_WAIT_DLG_INFO,9,11,274,20
+ CONTROL "",IDC_WAIT_PROGRESS_BAR,"msctls_progress32",WS_BORDER,7,37,278,14
END
@@ -341,7 +344,7 @@ BEGIN
BEGIN
LEFTMARGIN, 7
TOPMARGIN, 7
- BOTTOMMARGIN, 166
+ BOTTOMMARGIN, 198
END
IDD_KEYFILES, DIALOG
@@ -453,7 +456,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 285
TOPMARGIN, 7
- BOTTOMMARGIN, 35
+ BOTTOMMARGIN, 54
END
END
#endif // APSTUDIO_INVOKED
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index a6ed56d..4695239 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -196,6 +196,7 @@ typedef struct CRYPTO_INFO_t
{
int ea; /* Encryption algorithm ID */
int mode; /* Mode of operation (e.g., XTS) */
+ int pkcs5; /* PRF algorithm */
unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */
unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */
@@ -240,10 +241,26 @@ typedef struct CRYPTO_INFO_t
UINT64_STRUCT EncryptedAreaLength;
uint32 HeaderFlags;
- int pkcs5;
} CRYPTO_INFO, *PCRYPTO_INFO;
+#ifdef _WIN32
+
+#pragma pack (push)
+#pragma pack(1)
+
+typedef struct BOOT_CRYPTO_HEADER_t
+{
+ __int16 ea; /* Encryption algorithm ID */
+ __int16 mode; /* Mode of operation (e.g., XTS) */
+ __int16 pkcs5; /* PRF algorithm */
+
+} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER;
+
+#pragma pack (pop)
+
+#endif
+
PCRYPTO_INFO crypto_open (void);
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
void crypto_close (PCRYPTO_INFO cryptoInfo);
@@ -300,6 +317,7 @@ const
char *HashGetName (int hash_algo_id);
#ifndef TC_WINDOWS_BOOT
+Hash *HashGet (int id);
void HashGetName2 (char *buf, int hashId);
BOOL HashIsDeprecated (int hashId);
BOOL HashForSystemEncryption (int hashId);
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index bb84d37..1dbbbd2 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -6168,6 +6168,14 @@ static BOOL CALLBACK MountWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
{
MountThreadParam* thParam = (MountThreadParam*) lParam;
HANDLE hThread = NULL;
+
+ // set the progress bar type to MARQUEE (indefinite progress)
+ HWND hProgress = GetDlgItem (hwndDlg, IDC_WAIT_PROGRESS_BAR);
+ if (hProgress)
+ {
+ SetWindowLongPtr (hProgress, GWL_STYLE, PBS_MARQUEE | GetWindowLongPtr (hProgress, GWL_STYLE));
+ ::SendMessage(hProgress, PBM_SETMARQUEE, (WPARAM) TRUE, (LPARAM) 0);
+ }
thParam->hwnd = hwndDlg;
@@ -6225,6 +6233,7 @@ int MountVolume (HWND hwndDlg,
int driveNo,
char *volumePath,
Password *password,
+ int pkcs5,
BOOL cachePassword,
BOOL sharedAccess,
const MountOptions* const mountOptions,
@@ -6285,6 +6294,7 @@ retry:
{
mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword;
mount.bProtectHiddenVolume = TRUE;
+ mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf;
}
else
mount.bProtectHiddenVolume = FALSE;
@@ -6294,6 +6304,7 @@ retry:
mount.bPreserveTimestamp = mountOptions->PreserveTimestamp;
mount.bMountManager = TRUE;
+ mount.pkcs5_prf = pkcs5;
// Windows 2000 mount manager causes problems with remounted volumes
if (CurrentOSMajor == 5 && CurrentOSMinor == 0)
@@ -6364,6 +6375,8 @@ retry:
burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
+ burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
+ burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
if (bResult == FALSE)
{
@@ -8881,7 +8894,7 @@ void ReportUnexpectedState (char *techInfo)
#ifndef SETUP
-int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
+int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{
int status = ERR_PARAMETER_INCORRECT;
int volumeType;
@@ -9043,7 +9056,7 @@ int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *pa
}
// Decrypt volume header
- status = ReadVolumeHeader (FALSE, buffer, password, &context->CryptoInfo, NULL);
+ status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 7faf6bc..3781fd5 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -325,7 +325,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (char *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
-int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
+int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, int pkcs5, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL IsPasswordCacheEmpty (void);
BOOL IsMountedVolume (const char *volname);
@@ -447,7 +447,7 @@ void ToBootPwdField (HWND hwndDlg, UINT ctrlId);
void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL DoDriverInstall (HWND hwndDlg);
-int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
+int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);
diff --git a/src/Common/Format.c b/src/Common/Format.c
index ad6be02..c7198f6 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -623,7 +623,7 @@ error:
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
+ if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 4ccf9c4..70e4b65 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -270,6 +270,7 @@
<control lang="en" key="IDT_PARALLELIZATION_OPTIONS">Thread-Based Parallelization</control>
<control lang="en" key="IDT_PKCS11_LIB_PATH">PKCS #11 Library Path</control>
<control lang="en" key="IDT_PKCS5_PRF">PKCS-5 PRF:</control>
+ <control lang="en" key="IDT_NEW_PKCS5_PRF">PKCS-5 PRF:</control>
<control lang="en" key="IDT_PW_CACHE_OPTIONS">Password Cache</control>
<control lang="en" key="IDT_SECURITY_OPTIONS">Security Options</control>
<control lang="en" key="IDT_TASKBAR_ICON">VeraCrypt Background Task</control>
@@ -345,6 +346,7 @@
<control lang="en" key="IDT_SECURITY_TOKEN">Security token:</control>
<control lang="en" key="IDT_SORT_METHOD">Sort Method:</control>
<control lang="en" key="IDT_STATIC_MODELESS_WAIT_DLG_INFO">Please wait. This process may take a long time...</control>
+ <control lang="en" key="IDT_STATIC_MODAL_WAIT_DLG_INFO">Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.</control>
<control lang="en" key="IDT_TEST_BLOCK_NUMBER">Block number:</control>
<control lang="en" key="IDT_TEST_CIPHERTEXT">Ciphertext (hexadecimal)</control>
<control lang="en" key="IDT_TEST_DATA_UNIT_NUMBER">Data unit number (64-bit hexadecimal, data unit size is 512 bytes)</control>
@@ -756,6 +758,7 @@
<string lang="en" key="REMOVABLE_DISK">Removable Disk</string>
<string lang="en" key="HARDDISK">Harddisk</string>
<string lang="en" key="UNCHANGED">Unchanged</string>
+ <string lang="en" key="AUTODETECTION">Autodetection</string>
<string lang="en" key="SETUP_MODE_TITLE">Wizard Mode</string>
<string lang="en" key="SETUP_MODE_INFO">Select one of the modes. If you are not sure which to select, use the default mode.</string>
<string lang="en" key="SETUP_MODE_HELP_INSTALL">Select this option if you want to install VeraCrypt on this system.</string>
diff --git a/src/Common/Password.c b/src/Common/Password.c
index 2c065b6..921ce02 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
return TRUE;
}
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
+int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -287,7 +287,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
/* Try to decrypt the header */
- nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, &cryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
diff --git a/src/Common/Password.h b/src/Common/Password.h
index 887c616..66903b5 100644
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@@ -35,7 +35,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
+int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
diff --git a/src/Common/Resource.h b/src/Common/Resource.h
index eb2c589..4b8c2df 100644
--- a/src/Common/Resource.h
+++ b/src/Common/Resource.h
@@ -184,6 +184,10 @@
#define IDC_KEYFILES_RANDOM_SIZE 5122
#define IDT_KEYFILES_SIZE 5123
#define IDD_STATIC_MODAL_WAIT_DLG 5124
+#define IDT_STATIC_MODAL_WAIT_DLG_INFO 5125
+#define IDC_WAIT_PROGRESS_BAR 5126
+#define IDC_PKCS5_PRF_ID 5127
+#define IDT_PKCS5_PRF 5128
// Next default values for new objects
//
@@ -192,7 +196,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 542
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 5125
+#define _APS_NEXT_CONTROL_VALUE 5129
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 2bd870b..c88e81d 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -163,7 +163,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
-int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo;
@@ -198,7 +198,8 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
return ERR_OUTOFMEMORY;
}
- if (encryptionThreadCount > 1)
+ /* use thread pool only if no PRF was specified */
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
if (!keyDerivationWorkItems)
@@ -241,7 +242,11 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
{
- if (encryptionThreadCount > 1)
+ // if a PRF is specified, we skip all other PRFs
+ if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
+ continue;
+
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
// Enqueue key derivation on thread pool
if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID)
@@ -529,7 +534,7 @@ ret:
VirtualUnlock (&dk, sizeof (dk));
#endif
- if (encryptionThreadCount > 1)
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
TC_WAIT_EVENT (noOutstandingWorkItemEvent);
diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h
index 8f1da28..18a5269 100644
--- a/src/Common/Volumes.h
+++ b/src/Common/Volumes.h
@@ -126,7 +126,11 @@ extern BOOL ReadVolumeHeaderRecoveryMode;
uint16 GetHeaderField16 (byte *header, int offset);
uint32 GetHeaderField32 (byte *header, int offset);
UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
+#ifdef TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+#else
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)
int CreateVolumeHeaderInMemory (BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index b195ef5..8737080 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -219,6 +219,8 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
NTSTATUS status;
LARGE_INTEGER offset;
char *header;
+ int pkcs5_prf = 0;
+ byte *mappedCryptoInfo = NULL;
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
@@ -269,7 +271,30 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
goto ret;
}
- if (ReadVolumeHeader (!hiddenVolume, header, password, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
+ if (BootArgs.CryptoInfoLength > 0)
+ {
+ PHYSICAL_ADDRESS cryptoInfoAddress;
+
+ cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
+ mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
+ if (mappedCryptoInfo)
+ {
+ /* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
+ BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
+ Hash* pHash = HashGet(pBootCryptoInfo->pkcs5);
+ if (pHash && pHash->SystemEncryption)
+ pkcs5_prf = pBootCryptoInfo->pkcs5;
+ else
+ {
+ status = STATUS_UNSUCCESSFUL;
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ goto ret;
+ }
+ }
+ }
+
+ if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
{
// Header decrypted
status = STATUS_SUCCESS;
@@ -316,20 +341,15 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);
// Erase boot loader scheduled keys
- if (BootArgs.CryptoInfoLength > 0)
+ if (mappedCryptoInfo)
{
- PHYSICAL_ADDRESS cryptoInfoAddress;
- byte *mappedCryptoInfo;
-
+#ifdef DEBUG
+ PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
- mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
-
- if (mappedCryptoInfo)
- {
- Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
- burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
- MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
- }
+ Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
+#endif
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
}
BootDriveFilterExtension = Extension;
@@ -755,7 +775,10 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
return;
if (!BootDriveFound || !BootDriveFilterExtension || !BootDriveFilterExtension->DriveMounted || !BootDriveFilterExtension->HeaderCryptoInfo
- || request->VolumePassword.Length > MAX_PASSWORD)
+ || request->VolumePassword.Length > MAX_PASSWORD
+ || request->pkcs5_prf < 0
+ || request->pkcs5_prf > LAST_PRF_ID
+ )
{
irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
goto wipe;
@@ -780,7 +803,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
goto ret;
}
- if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
+ if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index e7a55b0..4476adb 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -1364,7 +1364,9 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
{
MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer;
- if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD)
+ if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD
+ || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
+ || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID )
{
Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
Irp->IoStatus.Information = 0;
@@ -1378,6 +1380,8 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
burn (&mount->VolumePassword, sizeof (mount->VolumePassword));
burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));
+ burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));
+ burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));
}
break;
diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c
index 29ccd54..a8bcc14 100644
--- a/src/Driver/Ntvol.c
+++ b/src/Driver/Ntvol.c
@@ -462,6 +462,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->bCache,
readBuffer,
&mount->ProtectedHidVolPassword,
+ mount->ProtectedHidVolPkcs5Prf,
&tmpCryptoInfo);
}
else
@@ -471,6 +472,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->bCache,
readBuffer,
&mount->VolumePassword,
+ mount->pkcs5_prf,
&Extension->cryptoInfo);
}
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c
index 5c8cb3b..8c07fd8 100644
--- a/src/Format/InPlace.c
+++ b/src/Format/InPlace.c
@@ -548,7 +548,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol
/* Now we will try to decrypt the backup header to verify it has been correctly written. */
- nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, &cryptoInfo2, NULL, deviceSize);
+ nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, volParams->pkcs5,&cryptoInfo2, NULL, deviceSize);
if (nStatus != ERR_SUCCESS
|| cryptoInfo->EncryptedAreaStart.Value != cryptoInfo2->EncryptedAreaStart.Value
@@ -663,6 +663,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
DWORD n;
char *devicePath = volParams->volumePath;
Password *password = volParams->password;
+ int pkcs5_prf = volParams->pkcs5;
DISK_GEOMETRY driveGeometry;
@@ -755,7 +756,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
sectorSize = driveGeometry.BytesPerSector;
- nStatus = OpenBackupHeader (dev, devicePath, password, &masterCryptoInfo, headerCryptoInfo, deviceSize);
+ nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, &masterCryptoInfo, headerCryptoInfo, deviceSize);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
@@ -1504,7 +1505,7 @@ closing_seq:
}
-static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize)
+static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, int pkcs5, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize)
{
LARGE_INTEGER offset;
DWORD n;
@@ -1530,7 +1531,7 @@ static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *passw
}
- nStatus = ReadVolumeHeader (FALSE, header, password, retMasterCryptoInfo, headerCryptoInfo);
+ nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, retMasterCryptoInfo, headerCryptoInfo);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
diff --git a/src/Format/InPlace.h b/src/Format/InPlace.h
index 82bae5b..979af18 100644
--- a/src/Format/InPlace.h
+++ b/src/Format/InPlace.h
@@ -37,7 +37,7 @@ static int ConcealNTFS (HANDLE dev);
BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId wipeAlgorithm);
static void ExportProgressStats (__int64 bytesDone, __int64 totalSize);
int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount);
-static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize);
+static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, int pkcs5, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize);
BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold);
#ifdef __cplusplus
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index a3c596d..5eabbf0 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -31,6 +31,7 @@
#include "Common/Dictionary.h"
#include "Common/Endian.h"
#include "Common/resource.h"
+#include "Common/Pkcs5.h"
#include "Platform/Finally.h"
#include "Platform/ForEach.h"
#include "Random.h"
@@ -223,6 +224,8 @@ Password volumePassword; /* User password */
char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */
char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */
+int volumePkcs5Prf = 0;
+
BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */
BOOL ComServerMode = FALSE;
@@ -2414,7 +2417,7 @@ static void __cdecl volTransformThreadFunction (void *hwndDlgArg)
if (bHiddenVolHost && !bVolTransformThreadCancel && nStatus == 0)
{
/* Auto mount the newly created hidden volume host */
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, FALSE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, FALSE))
{
case ERR_NO_FREE_DRIVES:
MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);
@@ -3861,24 +3864,42 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case HIDDEN_VOL_HOST_PASSWORD_PAGE:
case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE:
+ {
+ /* Populate the PRF algorithms list */
+ int nIndex, i;
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
- SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0);
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
- SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), szRawPassword);
+ /* make autodetection the default */
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
- SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT));
+ SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0);
- SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);
+ SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), szRawPassword);
- SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP"));
+ SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT));
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE"));
+ SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+ SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP"));
- EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys);
- EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE"));
+
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+
+ EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys);
+ EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+ }
break;
@@ -6732,6 +6753,8 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD_DIRECT), (char *) volumePassword.Text, sizeof (volumePassword.Text));
volumePassword.Length = strlen ((char *) volumePassword.Text);
+ hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
+
// Store the password in case we need to restore it after keyfile is applied to it
GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD_DIRECT), szRawPassword, sizeof (szRawPassword));
@@ -6769,7 +6792,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Mount the hidden volume host as read-only (to ensure consistent and secure
// results of the volume bitmap scanning)
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, TRUE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, TRUE))
{
case ERR_NO_FREE_DRIVES:
NormalCursor ();
@@ -6878,7 +6901,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
OpenVolumeContext volume;
- if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, FALSE, FALSE, TRUE) == ERR_SUCCESS)
+ if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, volumePkcs5Prf, FALSE, FALSE, TRUE) == ERR_SUCCESS)
{
if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0
&& volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value)
@@ -7446,7 +7469,7 @@ retryCDDriveCheck:
{
// Remount the hidden volume host as read-only (to ensure consistent and secure
// results of the volume bitmap scanning)
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, TRUE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, TRUE))
{
case ERR_NO_FREE_DRIVES:
MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);
@@ -8232,7 +8255,7 @@ efsf_error:
// Mounts a volume within which the user intends to create a hidden volume
-int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *password, BOOL bReadOnly)
+int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *password, int pkcs5_prf, BOOL bReadOnly)
{
MountOptions mountOptions;
ZeroMemory (&mountOptions, sizeof (mountOptions));
@@ -8252,7 +8275,7 @@ int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (hwndDlg, *driveNo, volumePath, password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
+ if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
*driveNo = -3;
return ERR_VOL_MOUNT_FAILED;
diff --git a/src/Format/Tcformat.h b/src/Format/Tcformat.h
index 1451260..e8b790c 100644
--- a/src/Format/Tcformat.h
+++ b/src/Format/Tcformat.h
@@ -67,7 +67,7 @@ static void NonSysInplaceEncPause (void);
static void NonSysInplaceEncResume (void);
void ShowNonSysInPlaceEncUIStatus (void);
void UpdateNonSysInPlaceEncControls (void);
-int MountHiddenVolHost ( HWND hwndDlg, char *volumePath, int *driveNo, Password *password, BOOL bReadOnly );
+int MountHiddenVolHost ( HWND hwndDlg, char *volumePath, int *driveNo, Password *password, int pkcs5_prf, BOOL bReadOnly );
int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters);
int ScanVolClusterBitmap ( HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters);
static void WipeStart (void);
diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp
index 829cd21..a75b1e5 100644
--- a/src/Mount/MainCom.cpp
+++ b/src/Mount/MainCom.cpp
@@ -106,7 +106,7 @@ public:
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
- return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
@@ -151,6 +151,17 @@ public:
return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value);
}
+ virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)
+ {
+ USES_CONVERSION;
+ CW2A volumePathA(volumePath);
+ MainDlg = (HWND) hWnd;
+ if (volumePathA.m_psz)
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
+ else
+ return ERR_OUTOFMEMORY;
+ }
+
protected:
DWORD MessageThreadId;
LONG RefCount;
@@ -261,7 +272,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
}
-extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
+extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
CComPtr<ITrueCryptMainCom> tc;
int r;
@@ -269,7 +280,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *
if (ComGetInstance (hwndDlg, &tc))
{
WaitCursor ();
- r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
+ r = tc->ChangePasswordEx (CComBSTR (lpszVolume), oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
NormalCursor ();
}
else
diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h
index a22eb34..7643c64 100644
--- a/src/Mount/MainCom.h
+++ b/src/Mount/MainCom.h
@@ -23,7 +23,7 @@ BOOL ComServerMain ();
void UacAnalyzeKernelMiniDump (HWND hwndDlg);
int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
-int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
+int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#ifdef __cplusplus
}
diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl
index 8550fe8..3e347c9 100644
--- a/src/Mount/MainCom.idl
+++ b/src/Mount/MainCom.idl
@@ -12,7 +12,7 @@ import "..\Common\Password.h";
[
uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A),
helpstring("VeraCrypt Main UAC Support Library"),
- version(2.4) // Update ComSetup.cpp when changing version number
+ version(2.5) // Update ComSetup.cpp when changing version number
]
library TrueCryptMainCom
{
@@ -37,6 +37,7 @@ library TrueCryptMainCom
int RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume);
DWORD SetDriverServiceStartType (DWORD startType);
DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);
+ int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
};
[
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 0f58c66..db0e6a9 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -122,6 +122,8 @@ int nSelectedDriveIndex = -1; /* Item number of selected drive */
int cmdUnmountDrive = 0; /* Volume drive letter to unmount (-1 = all) */
Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */
+int VolumePkcs5 = 0;
+int CmdVolumePkcs5 = 0;
BOOL CmdVolumePasswordValid = FALSE;
MountOptions CmdMountOptions;
BOOL CmdMountOptionsValid = FALSE;
@@ -213,6 +215,8 @@ static void localcleanup (void)
clear them for extra security. */
burn (&VolumePassword, sizeof (VolumePassword));
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));
burn (&mountOptions, sizeof (mountOptions));
burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName));
@@ -493,6 +497,7 @@ void LoadSettings (HWND hwndDlg)
defaultMountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE);
defaultMountOptions.ReadOnly = ConfigReadInt ("MountVolumesReadOnly", FALSE);
defaultMountOptions.ProtectHiddenVolume = FALSE;
+ defaultMountOptions.ProtectedHidVolPkcs5Prf = 0;
defaultMountOptions.PartitionInInactiveSysEncScope = FALSE;
defaultMountOptions.RecoveryMode = FALSE;
defaultMountOptions.UseBackupHeader = FALSE;
@@ -1448,7 +1453,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
case WM_INITDIALOG:
{
LPARAM nIndex;
- HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID);
int i;
WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
@@ -1466,6 +1471,22 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), TRUE);
+ /* Add PRF algorithm list for current password */
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
+ /* Add PRF algorithm list for new password */
+ hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("UNCHANGED"));
@@ -1508,6 +1529,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
break;
case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL:
@@ -1558,6 +1581,12 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
ShowWindow(GetDlgItem(hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), SW_HIDE);
ShowWindow(GetDlgItem(hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI), SW_HIDE);
+ /* for system encryption, we can't change the PRF */
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), FALSE);
+
if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)
{
Error ("CANNOT_SET_TIMER");
@@ -1815,6 +1844,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0),
0);
int nStatus;
+ int old_pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETITEMDATA,
+ SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0);
int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
@@ -1872,11 +1903,20 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
{
// System
- pkcs5 = 0; // PKCS-5 PRF unchanged (currently system encryption supports only RIPEMD-160)
+ try
+ {
+ VOLUME_PROPERTIES_STRUCT properties;
+ BootEncObj->GetVolumeProperties(&properties);
+ old_pkcs5 = properties.pkcs5;
+ }
+ catch(...)
+ {}
+
+ pkcs5 = 0; // PKCS-5 PRF unchanged (currently we can't change PRF of system encryption)
try
{
- nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
+ nStatus = BootEncObj->ChangePassword (&oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
}
catch (Exception &e)
{
@@ -1888,14 +1928,14 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
{
// Non-system
- nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
+ nStatus = ChangePwd (szFileName, &oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
if (nStatus == ERR_OS_ERROR
&& GetLastError () == ERROR_ACCESS_DENIED
&& IsUacSupported ()
&& IsVolumeDeviceHosted (szFileName))
{
- nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
+ nStatus = UacChangePwd (szFileName, &oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
}
}
@@ -1943,13 +1983,16 @@ static char *PasswordDialogTitleStringId;
BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
{
WORD lw = LOWORD (wParam);
- static Password *szXPwd;
+ static Password *szXPwd;
+ static int *pkcs5;
switch (msg)
{
case WM_INITDIALOG:
{
- szXPwd = (Password *) lParam;
+ int i, nIndex;
+ szXPwd = ((PasswordDlgParam *) lParam) -> password;
+ pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE);
@@ -1977,6 +2020,22 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SetWindowTextW (hwndDlg, s);
}
+ /* Populate the PRF algorithms list */
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ /* make autodetection the default */
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);
@@ -2155,6 +2214,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
szXPwd->Length = strlen ((char *) szXPwd->Text);
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
+ *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
}
// Attempt to wipe password stored in the input field buffer
@@ -2502,6 +2562,21 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA), !bPrebootPasswordDlgMode);
+ /* Add PRF algorithm list for hidden volume password */
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ int i, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL));
EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)));
@@ -2511,6 +2586,8 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect);
SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles);
@@ -2609,6 +2686,9 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
sizeof (mountOptions->ProtectedHidVolPassword.Text));
mountOptions->ProtectedHidVolPassword.Length = strlen ((char *) mountOptions->ProtectedHidVolPassword.Text);
+
+ mountOptions->ProtectedHidVolPkcs5Prf = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
+ SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
}
// Cleanup
@@ -2645,6 +2725,8 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect);
return 1;
}
@@ -3396,21 +3478,27 @@ LPARAM GetItemLong (HWND hTree, int itemNo)
return item.lParam;
}
-static int AskVolumePassword (HWND hwndDlg, Password *password, char *titleStringId, BOOL enableMountOptions)
+static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, char *titleStringId, BOOL enableMountOptions)
{
int result;
+ PasswordDlgParam dlgParam;
PasswordDialogTitleStringId = titleStringId;
PasswordDialogDisableMountOptions = !enableMountOptions;
+ dlgParam.password = password;
+ dlgParam.pkcs5 = pkcs5;
+
result = DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,
- (DLGPROC) PasswordDlgProc, (LPARAM) password);
+ (DLGPROC) PasswordDlgProc, (LPARAM) &dlgParam);
if (result != IDOK)
{
password->Length = 0;
+ *pkcs5 = 0;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
return result == IDOK;
@@ -3430,7 +3518,10 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
nDosDriveNo = HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - 'A';
if (!MultipleMountOperationInProgress)
+ {
VolumePassword.Length = 0;
+ VolumePkcs5 = 0;
+ }
if (szFileName == NULL)
{
@@ -3465,7 +3556,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
// First try cached passwords and if they fail ask user for a new one
WaitCursor ();
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile)
@@ -3474,14 +3565,16 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
emptyPassword.Length = 0;
KeyFilesApply (&emptyPassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ if (mounted)
+ VolumePkcs5 = CmdVolumePkcs5;
burn (&emptyPassword, sizeof (emptyPassword));
}
// Test password and/or keyfiles used for the previous volume
if (!mounted && MultipleMountOperationInProgress && VolumePassword.Length != 0)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
NormalCursor ();
@@ -3494,17 +3587,24 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
}
while (mounted == 0)
- {
+ {
if (CmdVolumePassword.Length > 0)
{
VolumePassword = CmdVolumePassword;
+ VolumePkcs5 = CmdVolumePkcs5;
}
else if (!Silent)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
goto ret;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
}
WaitCursor ();
@@ -3512,7 +3612,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
if (KeyFilesEnable)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor ();
// Check for legacy non-ASCII passwords
@@ -3524,9 +3624,13 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING");
if (!MultipleMountOperationInProgress)
+ {
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
if (CmdVolumePassword.Length > 0 || Silent)
break;
@@ -3554,9 +3658,13 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
ret:
if (!MultipleMountOperationInProgress)
+ {
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
RestoreDefaultKeyFilesParam ();
@@ -3749,14 +3857,21 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
{
if (!CmdVolumePasswordValid && bPasswordPrompt)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
PasswordDlgVolume[0] = '\0';
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
goto ret;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
}
else if (CmdVolumePasswordValid)
{
bPasswordPrompt = FALSE;
VolumePassword = CmdVolumePassword;
+ VolumePkcs5 = CmdVolumePkcs5;
}
WaitCursor();
@@ -3810,8 +3925,8 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
goto ret;
// First try user password then cached passwords
- if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
- || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
+ if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
+ || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
{
// A volume has been successfully mounted
@@ -3889,7 +4004,9 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
if (!bHeaderBakRetry)
{
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
} while (bPasswordPrompt && mountedVolCount < 1);
@@ -3923,7 +4040,9 @@ ret:
MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader;
@@ -4786,7 +4905,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BOOL mounted;
// Cached password
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// Command line password or keyfiles
if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))
@@ -4797,7 +4916,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (&CmdVolumePassword, FirstCmdKeyFile);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A',
- szFileName, &CmdVolumePassword, bCacheInDriver, bForceMount,
+ szFileName, &CmdVolumePassword, CmdVolumePkcs5, bCacheInDriver, bForceMount,
&mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@@ -4812,21 +4931,29 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Ask user for password
while (!mounted && !Silent)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
VolumePassword.Length = 0;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
break;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
WaitCursor ();
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
NormalCursor ();
}
@@ -6654,7 +6781,8 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
OptionSilent,
OptionTokenLib,
OptionVolume,
- CommandWipeCache
+ CommandWipeCache,
+ OptionPkcs5,
};
argument args[]=
@@ -6675,7 +6803,8 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
{ OptionSilent, "/silent", "/s", FALSE },
{ OptionTokenLib, "/tokenlib", NULL, FALSE },
{ OptionVolume, "/volume", "/v", FALSE },
- { CommandWipeCache, "/wipecache", "/w", FALSE }
+ { CommandWipeCache, "/wipecache", "/w", FALSE },
+ { OptionPkcs5, "/prf", NULL , FALSE }
};
argumentspec as;
@@ -6874,6 +7003,32 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
exit(0);
break;
+ case OptionPkcs5:
+ {
+ char szTmp[32];
+ if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs,
+ nArgPos, &i, nNoCommandLineArgs, szTmp, sizeof (szTmp)))
+ {
+ if (stricmp(szTmp, "sha512") == 0)
+ CmdVolumePkcs5 = SHA512;
+ else if (stricmp(szTmp, "whirlpool") == 0)
+ CmdVolumePkcs5 = WHIRLPOOL;
+ else if (stricmp(szTmp, "sha256") == 0)
+ CmdVolumePkcs5 = SHA256;
+ else if (stricmp(szTmp, "ripemd160") == 0)
+ CmdVolumePkcs5 = RIPEMD160;
+ else
+ {
+ CmdVolumePkcs5 = 0;
+ Error ("COMMAND_LINE_ERROR");
+ }
+
+ }
+ else
+ Error ("COMMAND_LINE_ERROR");
+ }
+ break;
+
// no option = file name
default:
{
@@ -7332,6 +7487,7 @@ skipMount:
MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
if (status && CloseSecurityTokenSessionsAfterMount)
SecurityToken::CloseAllSessions();
@@ -7558,7 +7714,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, askPassword, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -7569,7 +7725,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (askPassword, FirstKeyFile);
- nStatus = OpenVolume (askVol, lpszVolume, askPassword, FALSE, bPreserveTimestamp, FALSE);
+ nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, FALSE, bPreserveTimestamp, FALSE);
NormalCursor();
@@ -7722,6 +7878,7 @@ error:
handleError (hwndDlg, nStatus);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&hiddenVolPassword, sizeof (hiddenVolPassword));
burn (temporaryKey, sizeof (temporaryKey));
burn (originalK2, sizeof (originalK2));
@@ -7823,7 +7980,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
while (TRUE)
{
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, NULL, FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -7834,7 +7991,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, TRUE, bPreserveTimestamp, TRUE);
+ nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, TRUE, bPreserveTimestamp, TRUE);
NormalCursor();
@@ -8025,7 +8182,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
// Open the header
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, &VolumePassword, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -8041,7 +8198,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (type == TC_VOLUME_TYPE_HIDDEN)
headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);
- nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, &restoredCryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, &restoredCryptoInfo, NULL);
if (nStatus == ERR_SUCCESS)
break;
}
@@ -8145,6 +8302,7 @@ error:
handleError (hwndDlg, nStatus);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
RestoreDefaultKeyFilesParam();
RandStop (FALSE);
NormalCursor();
diff --git a/src/Mount/Mount.h b/src/Mount/Mount.h
index f0f5885..e982de8 100644
--- a/src/Mount/Mount.h
+++ b/src/Mount/Mount.h
@@ -48,6 +48,11 @@ typedef struct
BOOL bHidVolDamagePrevReported[26];
} VOLUME_NOTIFICATIONS_LIST;
+typedef struct
+{
+ Password *password;
+ int* pkcs5;
+} PasswordDlgParam;
extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 56597cd..8851646 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -103,32 +103,34 @@ BEGIN
CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154
END
-IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 183
+IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 207
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Change Password or Keyfiles"
CLASS "CustomDlg"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_OLD_PASSWORD,89,14,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,34,86,10
- PUSHBUTTON "Keyfiles...",IDC_KEYFILES,177,32,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,46,138,10,WS_EX_TRANSPARENT
- EDITTEXT IDC_PASSWORD,89,74,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- EDITTEXT IDC_VERIFY,89,90,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,109,86,11
- PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,177,107,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,121,139,11,WS_EX_TRANSPARENT
- COMBOBOX IDC_PKCS5_PRF_ID,89,136,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,86,10
+ PUSHBUTTON "Keyfiles...",IDC_KEYFILES,177,51,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT
+ EDITTEXT IDC_PASSWORD,89,99,147,13,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_VERIFY,89,115,147,13,ES_PASSWORD | ES_AUTOHSCROLL
+ CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,86,11
+ PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,177,132,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,139,11,WS_EX_TRANSPARENT
+ COMBOBOX IDC_PKCS5_PRF_ID,89,161,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
DEFPUSHBUTTON "OK",IDOK,251,7,59,14
PUSHBUTTON "Cancel",IDCANCEL,251,24,59,14
RTEXT "Password:",IDT_PASSWORD,12,16,72,8
- RTEXT "Password:",IDT_NEW_PASSWORD,8,77,76,8
- RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,93,75,16
- RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,9,137,74,10,SS_CENTERIMAGE
- GROUPBOX "Current",IDT_CURRENT,6,3,238,58
- GROUPBOX "New",IDT_NEW,6,63,238,113
- COMBOBOX IDC_WIPE_MODE,89,155,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
- RTEXT "Wipe mode:",IDT_WIPE_MODE,9,157,74,8,0,WS_EX_RIGHT
+ RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8
+ RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16
+ RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE
+ GROUPBOX "Current",IDT_CURRENT,6,3,238,77
+ GROUPBOX "New",IDT_NEW,6,87,238,113
+ COMBOBOX IDC_WIPE_MODE,89,180,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT
+ COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE
END
IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@@ -161,21 +163,23 @@ BEGIN
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119
END
-IDD_PASSWORD_DLG DIALOGEX 0, 0, 280, 68
+IDD_PASSWORD_DLG DIALOGEX 0, 0, 305, 91
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION
CAPTION "Enter VeraCrypt Volume Password"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
- EDITTEXT IDC_PASSWORD,48,8,153,14,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_PASSWORD,69,8,153,14,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,27,153,10
- CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,40,83,10
- CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,52,83,11
- PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,137,49,64,14
- PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,208,49,64,14
- DEFPUSHBUTTON "OK",IDOK,208,8,64,14
- PUSHBUTTON "Cancel",IDCANCEL,208,25,64,14
- RTEXT "Password:",IDT_PASSWORD,0,10,46,19
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10
+ CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10
+ CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11
+ PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,158,72,64,14
+ PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,229,72,64,14
+ DEFPUSHBUTTON "OK",IDOK,229,8,64,14
+ PUSHBUTTON "Cancel",IDCANCEL,229,25,64,14
+ RTEXT "Password:",IDT_PASSWORD,0,10,65,13
+ COMBOBOX IDC_PKCS5_PRF_ID,69,26,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13
END
IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269
@@ -355,7 +359,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 309
TOPMARGIN, 7
- BOTTOMMARGIN, 176
+ BOTTOMMARGIN, 200
END
IDD_MOUNT_DLG, DIALOG
@@ -366,7 +370,8 @@ BEGIN
IDD_PASSWORD_DLG, DIALOG
BEGIN
- BOTTOMMARGIN, 63
+ RIGHTMARGIN, 296
+ BOTTOMMARGIN, 86
END
IDD_TRAVELER_DLG, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index 3ba7524..bf64cee 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -35,7 +35,6 @@
#define IDC_ENABLE_NEW_KEYFILES 1012
#define IDC_PRESERVE_TIMESTAMPS 1013
#define IDC_PREF_WIPE_CACHE_ON_EXIT 1014
-#define IDC_PKCS5_PRF_ID 1015
#define IDC_PREF_CACHE_PASSWORDS 1016
#define IDC_DIRECTORY 1017
#define IDC_PREF_DISMOUNT_LOGOFF 1018
@@ -77,7 +76,6 @@
#define IDT_NEW 1054
#define IDT_NEW_PASSWORD 1055
#define IDT_CONFIRM_PASSWORD 1056
-#define IDT_PKCS5_PRF 1057
#define IDT_PW_CACHE_OPTIONS 1058
#define IDT_DEFAULT_MOUNT_OPTIONS 1059
#define IDT_WINDOWS_RELATED_SETTING 1060
@@ -160,6 +158,8 @@
#define IDC_FAVORITES_HELP_LINK 1135
#define IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX 1136
#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137
+#define IDT_NEW_PKCS5_PRF 1138
+#define IDC_PKCS5_OLD_PRF_ID 1139
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -231,7 +231,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 118
#define _APS_NEXT_COMMAND_VALUE 40064
-#define _APS_NEXT_CONTROL_VALUE 1138
+#define _APS_NEXT_CONTROL_VALUE 1140
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
diff --git a/src/Setup/ComSetup.cpp b/src/Setup/ComSetup.cpp
index 25d16a0..eadb838 100644
--- a/src/Setup/ComSetup.cpp
+++ b/src/Setup/ComSetup.cpp
@@ -7,7 +7,7 @@
*/
#define TC_MAIN_COM_VERSION_MAJOR 2
-#define TC_MAIN_COM_VERSION_MINOR 4
+#define TC_MAIN_COM_VERSION_MINOR 5
#define TC_FORMAT_COM_VERSION_MAJOR 2
#define TC_FORMAT_COM_VERSION_MINOR 4