VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2017-07-02 19:35:12 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2017-07-02 19:36:53 +0200
commitd1b26d4bfefe4d7f8581d4555e6634c3603772ed (patch)
treeb71140fbd82edd05e1696902069d2779d14c9d11 /src/Common
parenta0f2ffb90bf004b08fc4d3e317718d5a78fb54d5 (diff)
downloadVeraCrypt-d1b26d4bfefe4d7f8581d4555e6634c3603772ed.tar.gz
VeraCrypt-d1b26d4bfefe4d7f8581d4555e6634c3603772ed.zip
Windows: fix documentation and UI messages about the PIM constraints and calculation formula when EFI system encryption is using SHA-512 or Whirlpool. For historical reasons, if SHA-512 or Whirlpool is selected for EFI system encryption, then iterations = 15000 + (PIM x 1000) and not iterations = PIM x 2048 like the other algorithms.
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Password.c9
-rw-r--r--src/Common/Password.h2
2 files changed, 6 insertions, 5 deletions
diff --git a/src/Common/Password.c b/src/Common/Password.c
index e3876042..8ba91374 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -133,14 +133,15 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw)
}
-BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning)
+BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning)
{
- BOOL bCustomPimSmall = ((pim != 0) && (pim < (bForBoot? 98 : 485)))? TRUE : FALSE;
+ BOOL bootPimCondition = (bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE;
+ BOOL bCustomPimSmall = ((pim != 0) && (pim < (bootPimCondition? 98 : 485)))? TRUE : FALSE;
if (passwordLength < PASSWORD_LEN_WARNING)
{
if (bCustomPimSmall)
{
- Error (bForBoot? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg);
+ Error (bootPimCondition? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg);
return FALSE;
}
@@ -157,7 +158,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim
}
#endif
- if ((pim != 0) && (pim > (bForBoot? 98 : 485)))
+ if ((pim != 0) && (pim > (bootPimCondition? 98 : 485)))
{
// warn that mount/boot will take more time
Warning ("PIM_LARGE_WARNING", hwndDlg);
diff --git a/src/Common/Password.h b/src/Common/Password.h
index 9afcd060..b2b0511d 100644
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@@ -39,7 +39,7 @@ typedef struct
#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
-BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
+BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);