VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/BootEncryption.cpp
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2014-07-27 02:36:23 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2014-11-08 23:21:43 +0100
commit1c11ee428d9e06be1440133f6d1163ce6c709410 (patch)
treed593910f3e6e3d2441bfd4bfe25d6e58c508a0b0 /src/Common/BootEncryption.cpp
parent97154aaf51efe787dd1678c8e1baeeb65ce46fe1 (diff)
downloadVeraCrypt-1c11ee428d9e06be1440133f6d1163ce6c709410.tar.gz
VeraCrypt-1c11ee428d9e06be1440133f6d1163ce6c709410.zip
Add option in select the number of passes for volume header over-writing. By default, it is set to 3 but it can be increased to 256 passes (which can lead to a delay of many hours for a single password change operation).
Diffstat (limited to 'src/Common/BootEncryption.cpp')
-rw-r--r--src/Common/BootEncryption.cpp8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 0fec2878..e57a434e 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -2060,7 +2060,7 @@ namespace VeraCrypt
}
- int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5)
+ int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount)
{
BootEncryptionStatus encStatus = GetStatus();
@@ -2125,7 +2125,7 @@ namespace VeraCrypt
UserEnrichRandomPool (ParentWindow);
WaitCursor();
- /* The header will be re-encrypted PRAND_DISK_WIPE_PASSES times to prevent adversaries from using
+ /* The header will be re-encrypted wipePassCount times to prevent adversaries from using
techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy
to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22
times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might
@@ -2145,7 +2145,7 @@ namespace VeraCrypt
BOOL backupHeader = FALSE;
while (TRUE)
{
- for (int wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++)
+ for (int wipePass = 0; wipePass < wipePassCount; wipePass++)
{
PCRYPTO_INFO tmpCryptoInfo = NULL;
@@ -2164,7 +2164,7 @@ namespace VeraCrypt
cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags | TC_HEADER_FLAG_ENCRYPTED_SYSTEM,
cryptoInfo->SectorSize,
- wipePass < PRAND_DISK_WIPE_PASSES - 1);
+ wipePass < wipePassCount - 1);
if (tmpCryptoInfo)
crypto_close (tmpCryptoInfo);