VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-13 00:00:26 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-07-13 21:35:15 (GMT)
commita43a5ebb2136a77be8e79546f329412e4bef14c4 (patch)
treee32491754c66e078ca1fa9a52adb1dce22400dcb /src/Common
parent8fc08b1e468482301fa5c31fcba742e24e197afc (diff)
downloadVeraCrypt-a43a5ebb2136a77be8e79546f329412e4bef14c4.zip
VeraCrypt-a43a5ebb2136a77be8e79546f329412e4bef14c4.tar.gz
Windows: Modify PIM parts in GUI to make it easier to use. Users must explicitly check "User PIM" to enable its use.
Diffstat (limited to 'src/Common')
-rw-r--r--src/Common/Common.rc17
-rw-r--r--src/Common/Dlgcode.c8
-rw-r--r--src/Common/Dlgcode.h1
-rw-r--r--src/Common/Language.xml9
-rw-r--r--src/Common/Password.c7
-rw-r--r--src/Common/Resource.h3
6 files changed, 32 insertions, 13 deletions
diff --git a/src/Common/Common.rc b/src/Common/Common.rc
index 7df1058..652b407 100644
--- a/src/Common/Common.rc
+++ b/src/Common/Common.rc
@@ -73,26 +73,27 @@ BEGIN
CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,11,194,10
CONTROL "Mount volume as removable &medium",IDC_MOUNT_REMOVABLE,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,25,195,10
+ CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
CONTROL "Mount partition &using system encryption without pre-boot authentication",IDC_MOUNT_SYSENC_PART_WITHOUT_PBA,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,53,259,11
CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10
EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL
+ COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
+ LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8,NOT WS_VISIBLE
CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,165,90,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,178,90,10
- PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,167,60,14
- LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY
+ PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,204,174,60,14
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
+ LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,139
- CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
- COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17
- EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
- RTEXT "Volume PIM:",IDT_PIM,15,148,91,17
- LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8
+ RTEXT "Volume PIM:",IDT_PIM,15,148,91,17,NOT WS_VISIBLE
+ CONTROL "Use PIM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,152,97,10
END
IDD_KEYFILES DIALOGEX 0, 0, 345, 237
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 478af87..2742317 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -118,6 +118,7 @@ BOOL bPortableModeConfirmed = FALSE; // TRUE if it is certain that the instance
BOOL bInPlaceEncNonSysPending = FALSE; // TRUE if the non-system in-place encryption config file indicates that one or more partitions are scheduled to be encrypted. This flag is set only when config files are loaded during app startup.
/* Globals used by Mount and Format (separately per instance) */
+BOOL PimEnable = FALSE;
BOOL KeyFilesEnable = FALSE;
KeyFile *FirstKeyFile = NULL;
KeyFilesDlgParam defaultKeyFilesParam;
@@ -9185,6 +9186,10 @@ void Applink (char *dest, BOOL bSendOS, char *extraOutput)
{
StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Contact");
}
+ else if (strcmp(dest, "pim") == 0)
+ {
+ StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29");
+ }
else
{
StringCbCopyA (url, sizeof (url),TC_APPLINK);
@@ -10765,7 +10770,8 @@ std::string FindLatestFileOrDirectory (const std::string &directory, const char
int GetPim (HWND hwndDlg, UINT ctrlId)
{
int pim = 0;
- if (IsWindowEnabled (GetDlgItem (hwndDlg, ctrlId)))
+ HWND hCtrl = GetDlgItem (hwndDlg, ctrlId);
+ if (IsWindowEnabled (hCtrl) && IsWindowVisible (hCtrl))
{
char szTmp[MAX_PIM + 1] = {0};
if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIM + 1) > 0)
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 175282f..18e581f 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -137,6 +137,7 @@ extern char bCachedSysDevicePathsValid;
extern BOOL bHyperLinkBeingTracked;
extern BOOL bInPlaceEncNonSysPending;
+extern BOOL PimEnable;
extern BOOL KeyFilesEnable;
extern KeyFile *FirstKeyFile;
extern KeyFilesDlgParam defaultKeyFilesParam;
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 889d7bb..a02da93 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -48,6 +48,7 @@
<control lang="en" key="IDC_KEY_FILES">&amp;Keyfiles...</control>
<control lang="en" key="IDC_LINK_HASH_INFO">Information on hash algorithms</control>
<control lang="en" key="IDC_LINK_MORE_INFO_ABOUT_CIPHER">More information</control>
+ <control lang="en" key="IDC_LINK_PIM_INFO">Information on PIM</control>
<control lang="en" key="IDC_MB">&amp;MB</control>
<control lang="en" key="IDC_MORE_INFO_ON_CONTAINERS">More information</control>
<control lang="en" key="IDC_MORE_INFO_ON_SYS_ENCRYPTION">More information about system encryption</control>
@@ -57,6 +58,7 @@
<control lang="en" key="IDC_NO_HISTORY">&amp;Never save history</control>
<control lang="en" key="IDC_OPEN_OUTER_VOLUME">Open Outer Volume</control>
<control lang="en" key="IDC_PAUSE">&amp;Pause</control>
+ <control lang="en" key="IDC_PIM_ENABLE">Use PIM</control>
<control lang="en" key="IDC_QUICKFORMAT">Quick Format</control>
<control lang="en" key="IDC_SHOW_PASSWORD">&amp;Display password</control>
<control lang="en" key="IDC_SHOW_PASSWORD_SINGLE">&amp;Display password</control>
@@ -617,14 +619,15 @@
<string lang="en" key="PASSWORD_OR_KEYFILE_OR_MODE_WRONG">Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume.</string>
<string lang="en" key="PASSWORD_WRONG_AUTOMOUNT">Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT">Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found.</string>
- <string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
+ <string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
<string lang="en" key="PIM_CHANGE_WARNING">Remember Number to Mount Volume</string>
<string lang="en" key="PIM_HIDVOL_HOST_TITLE">Outer Volume PIM</string>
<string lang="en" key="PIM_HIDVOL_TITLE">Hidden Volume PIM</string>
<string lang="en" key="PIM_HIDDEN_OS_TITLE">PIM for Hidden Operating System</string>
- <string lang="en" key="PIM_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker mount but it can reduce security if the password is not strong enough.</string>
- <string lang="en" key="PIM_SYSENC_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker boot but it can reduce security if the password is not strong enough.</string>
+ <string lang="en" key="PIM_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough.</string>
+ <string lang="en" key="PIM_SYSENC_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough.</string>
<string lang="en" key="PIM_SYSENC_CHANGE_WARNING">Remember Number to Boot System</string>
+ <string lang="en" key="PIM_LARGE_WARNING">You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot.</string>
<string lang="en" key="PIM_SMALL_WARNING">You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password?</string>
<string lang="en" key="PIM_SYSENC_TOO_BIG">Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535.</string>
<string lang="en" key="PIM_TITLE">Volume PIM</string>
diff --git a/src/Common/Password.c b/src/Common/Password.c
index f8cf461..fe9a937 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -134,6 +134,13 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim
return FALSE;
}
#endif
+
+ if ((pim != 0) && (pim > (bForBoot? 98 : 485)))
+ {
+ // warn that mount/boot will take more time
+ MessageBoxW (hwndDlg, GetString ("PIM_LARGE_WARNING"), lpszTitle, MB_OK|MB_ICONWARNING);
+
+ }
return TRUE;
}
diff --git a/src/Common/Resource.h b/src/Common/Resource.h
index 2d593b6..f1c2021 100644
--- a/src/Common/Resource.h
+++ b/src/Common/Resource.h
@@ -191,6 +191,7 @@
#define IDT_PIM 5129
#define IDC_PIM 5130
#define IDC_PIM_HELP 5131
+#define IDC_PIM_ENABLE 5132
// Next default values for new objects
//
@@ -199,7 +200,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 542
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 5132
+#define _APS_NEXT_CONTROL_VALUE 5133
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif