VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Mount
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-12-20 20:11:50 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-12-21 01:19:04 +0100
commit8f6c08330ac37b7729d8c1bf7276e8fede2d17fa (patch)
treed395993fe27894fcc2436e7a8e7a35ab4040da00 /src/Mount
parent7832d712fda877001ea5ae825d1a07d424cb72b7 (diff)
downloadVeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.tar.gz
VeraCrypt-8f6c08330ac37b7729d8c1bf7276e8fede2d17fa.zip
Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings.
Diffstat (limited to 'src/Mount')
-rw-r--r--src/Mount/Mount.c84
-rw-r--r--src/Mount/Mount.rc46
-rw-r--r--src/Mount/Resource.h4
3 files changed, 87 insertions, 47 deletions
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 2af48def..3dc944a6 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -86,6 +86,7 @@ BOOL bCacheInDriver = FALSE; /* Cache any passwords we see */
BOOL bCacheInDriverDefault = FALSE;
BOOL bCacheDuringMultipleMount = FALSE;
BOOL bCmdCacheDuringMultipleMount = FALSE;
+BOOL bIncludePimInCache = FALSE;
BOOL bTryEmptyPasswordWhenKeyfileUsed = FALSE;
BOOL bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE;
BOOL bCmdTryEmptyPasswordWhenKeyfileUsedValid = FALSE;
@@ -129,8 +130,8 @@ Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */
int VolumePkcs5 = 0;
int CmdVolumePkcs5 = 0;
-int VolumePim = 0;
-int CmdVolumePim = 0;
+int VolumePim = -1;
+int CmdVolumePim = -1;
int DefaultVolumePkcs5 = 0;
BOOL VolumeTrueCryptMode = FALSE;
BOOL CmdVolumeTrueCryptMode = FALSE;
@@ -677,6 +678,8 @@ void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL*
ConfigReadCompareInt ("WipePasswordCacheOnExit", FALSE, &bWipeCacheOnExit, bOnlyCheckModified, pbSettingsModified);
ConfigReadCompareInt ("WipeCacheOnAutoDismount", TRUE, &bWipeCacheOnAutoDismount, bOnlyCheckModified, pbSettingsModified);
+ ConfigReadCompareInt ("IncludePimInCache", FALSE, &bIncludePimInCache, bOnlyCheckModified, pbSettingsModified);
+
ConfigReadCompareInt ("TryEmptyPasswordWhenKeyfileUsed",FALSE, &bTryEmptyPasswordWhenKeyfileUsed, bOnlyCheckModified, pbSettingsModified);
ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified);
@@ -845,6 +848,8 @@ void SaveSettings (HWND hwndDlg)
ConfigWriteInt ("WipePasswordCacheOnExit", bWipeCacheOnExit);
ConfigWriteInt ("WipeCacheOnAutoDismount", bWipeCacheOnAutoDismount);
+ ConfigWriteInt ("IncludePimInCache", bIncludePimInCache);
+
ConfigWriteInt ("TryEmptyPasswordWhenKeyfileUsed", bTryEmptyPasswordWhenKeyfileUsed);
ConfigWriteInt ("StartOnLogon", bStartOnLogon);
@@ -3075,6 +3080,9 @@ BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS), BM_SETCHECK,
bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);
+
+ SendMessage (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), BM_SETCHECK,
+ bIncludePimInCache? BST_CHECKED:BST_UNCHECKED, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY), BM_SETCHECK,
defaultMountOptions.ReadOnly ? BST_CHECKED:BST_UNCHECKED, 0);
@@ -3178,6 +3186,7 @@ BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
bWipeCacheOnExit = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT));
bWipeCacheOnAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT));
bCacheInDriverDefault = bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PASSWORDS));
+ bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM));
defaultMountOptions.ReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_READONLY));
defaultMountOptions.Removable = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_MOUNT_REMOVABLE));
bEnableBkgTask = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_BKG_TASK_ENABLE));
@@ -3962,6 +3971,7 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
EnableWindow (GetDlgItem (hwndDlg, IDC_VOLUME_NAME), enabled);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER), enabled);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS), enabled);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM), enabled);
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY), enabled);
EnableWindow (GetDlgItem (hwndDlg, IDC_DRIVELIST), enabled);
EnableWindow (GetDlgItem (hwndDlg, IDT_TRAVELER_MOUNT), enabled);
@@ -4011,7 +4021,7 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
if (lw == IDC_CREATE)
{
- BOOL copyWizard, copyExpander, bExplore, bCacheInDriver, bAutoRun, bAutoMount, bMountReadOnly;
+ BOOL copyWizard, copyExpander, bExplore, bCacheInDriver, bIncludePimInCache, bAutoRun, bAutoMount, bMountReadOnly;
WCHAR dstDir[MAX_PATH + 1];
WCHAR srcPath[1024 + MAX_PATH + 1];
WCHAR dstPath[2*MAX_PATH + 1];
@@ -4031,6 +4041,7 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
copyExpander = IsButtonChecked (GetDlgItem (hwndDlg, IDC_COPY_EXPANDER));
bExplore = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAVEL_OPEN_EXPLORER));
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_TRAV_CACHE_PASSWORDS));
+ bIncludePimInCache = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_CACHE_PIM));
bMountReadOnly = IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY));
bAutoRun = !IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_DISABLE));
bAutoMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_AUTORUN_MOUNT));
@@ -4195,7 +4206,7 @@ BOOL CALLBACK TravelerDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
StringCbPrintfW (autoMount, sizeof(autoMount), L"VeraCrypt\\VeraCrypt.exe /q background%s%s%s%s /m rm /v %s",
drive > 0 ? driveLetter : L"",
bExplore ? L" /e" : L"",
- bCacheInDriver ? L" /c y" : L"",
+ bCacheInDriver ? (bIncludePimInCache? L" /c p" : L" /c y") : L"",
bMountReadOnly ? L" /m ro" : L"",
volName);
@@ -4367,7 +4378,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int
{
password->Length = 0;
*pkcs5 = 0;
- *pim = 0;
+ *pim = -1;
*truecryptMode = FALSE;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@@ -4407,7 +4418,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim)
VolumePassword.Length = 0;
VolumePkcs5 = 0;
VolumeTrueCryptMode = FALSE;
- VolumePim = 0;
+ VolumePim = -1;
}
if (szFileName == NULL)
@@ -4445,11 +4456,11 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim)
if (!bUseCmdVolumePassword)
{
// First try cached passwords and if they fail ask user for a new one
- // try TrueCrypt mode first since it is quick, only if pim = 0
- if (EffectiveVolumePim == 0)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first since it is quick, only if no custom pim specified
+ if (EffectiveVolumePim <= 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed)
@@ -4458,11 +4469,11 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim)
emptyPassword.Length = 0;
KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile, szFileName);
- // try TrueCrypt mode first since it is quick, only if pim = 0
- if (EffectiveVolumePim == 0)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first since it is quick, only if no custom pim specified
+ if (EffectiveVolumePim <= 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
burn (&emptyPassword, sizeof (emptyPassword));
}
@@ -4471,11 +4482,11 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim)
// Test password and/or keyfiles used for the previous volume
if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)
{
- // try TrueCrypt mode first as it is quick, only if pim = 0
- if (EffectiveVolumePim == 0)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first as it is quick, only if no custom pim specified
+ if (EffectiveVolumePim <= 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
}
NormalCursor ();
@@ -4522,7 +4533,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim)
if (KeyFilesEnable)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor ();
// Check for problematic file extensions (exe, dll, sys)
@@ -4848,6 +4859,7 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
VolumePassword.Length = 0;
mountOptions = defaultMountOptions;
bPrebootPasswordDlgMode = FALSE;
+ VolumePim = -1;
if (selDrive == -1)
selDrive = 0;
@@ -4938,8 +4950,8 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
goto ret;
// First try user password then cached passwords
- if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
- || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
+ if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0
+ || ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0)))
{
// A volume has been successfully mounted
@@ -6300,7 +6312,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
// Cached password
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
// Command line password or keyfiles
if (!mounted && (CmdVolumePassword.Length != 0 || (FirstCmdKeyFile && (CmdVolumePasswordValid || bEffectiveTryEmptyPasswordWhenKeyfileUsed))))
@@ -6311,7 +6323,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile, szFileName);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A',
- szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount,
+ szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount,
&mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@@ -6349,7 +6361,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
@@ -8191,6 +8203,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
{
wchar_t szTmp[16] = {0};
bCacheInDriver = TRUE;
+ bIncludePimInCache = FALSE;
if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs,
szTmp, sizeof (szTmp)))
@@ -8199,6 +8212,11 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
bCacheInDriver = FALSE;
else if (!_wcsicmp(szTmp,L"y") || !_wcsicmp(szTmp,L"yes"))
bCacheInDriver = TRUE;
+ else if (!_wcsicmp(szTmp,L"p") || !_wcsicmp(szTmp,L"pim"))
+ {
+ bCacheInDriver = TRUE;
+ bIncludePimInCache = TRUE;
+ }
else if (!_wcsicmp(szTmp,L"f") || !_wcsicmp(szTmp,L"favorites"))
{
bCacheInDriver = FALSE;
@@ -10431,6 +10449,8 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
byte userConfig;
string customUserMessage;
uint16 bootLoaderVersion;
+ BOOL bPasswordCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD)? TRUE : FALSE;
+ BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE;
BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion);
@@ -10442,8 +10462,10 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
CheckDlgButton (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT, (userConfig & TC_BOOT_USER_CFG_FLAG_SILENT_MODE) ? BST_CHECKED : BST_UNCHECKED);
CheckDlgButton (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS, (userConfig & TC_BOOT_USER_CFG_FLAG_DISABLE_ESC) ? BST_UNCHECKED : BST_CHECKED);
- CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD) ? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD, bPasswordCacheEnabled ? BST_CHECKED : BST_UNCHECKED);
CheckDlgButton (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION, (driverConfig & TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION) ? BST_CHECKED : BST_UNCHECKED);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), bPasswordCacheEnabled);
+ CheckDlgButton (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? BST_CHECKED : BST_UNCHECKED);
SetWindowTextW (GetDlgItem (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP), GetString("CUSTOM_BOOT_LOADER_MESSAGE_HELP"));
}
@@ -10498,8 +10520,11 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
try
{
+ BOOL bPasswordCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD);
+ BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM);
BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage);
- SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD));
+ SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled);
+ SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));
}
catch (Exception &e)
@@ -10523,7 +10548,14 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
case IDC_BOOT_LOADER_CACHE_PASSWORD:
if (IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PASSWORD))
+ {
Warning ("BOOT_PASSWORD_CACHE_KEYBOARD_WARNING", hwndDlg);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), TRUE);
+ }
+ else
+ {
+ EnableWindow (GetDlgItem (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM), FALSE);
+ }
break;
}
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 5e7abd90..81575c80 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -41,7 +41,7 @@ IDR_MOUNT_TLB TYPELIB "Mount.tlb"
// Dialog
//
-IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 291
+IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 305
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Preferences"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -78,22 +78,24 @@ BEGIN
CONTROL "Wipe cached passwords on exit",IDC_PREF_WIPE_CACHE_ON_EXIT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,227,165,11
CONTROL "Wipe cached passwords on auto-dismount",IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,254,296,11
- PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,275,85,14
- DEFPUSHBUTTON "OK",IDOK,225,275,50,14
- PUSHBUTTON "Cancel",IDCANCEL,281,275,50,14
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,255,296,11
+ PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,289,85,14
+ DEFPUSHBUTTON "OK",IDOK,225,289,50,14
+ PUSHBUTTON "Cancel",IDCANCEL,281,289,50,14
GROUPBOX "Windows",IDT_WINDOWS_RELATED_SETTING,4,160,328,52
GROUPBOX "Default Mount Options",IDT_DEFAULT_MOUNT_OPTIONS,4,3,328,26
GROUPBOX "VeraCrypt Background Task",IDT_TASKBAR_ICON,4,33,328,26
GROUPBOX "Auto-Dismount",IDT_AUTO_DISMOUNT,4,94,328,62
LTEXT "minutes",IDT_MINUTES,289,129,39,10
LTEXT "Dismount all when:",IDT_AUTO_DISMOUNT_ON,9,110,71,17
- GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,216,328,54
+ GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,216,328,68
GROUPBOX "Actions to perform upon logon to Windows",IDT_LOGON,4,63,328,28
CONTROL "User session locked",IDC_PREF_DISMOUNT_SESSION_LOCKED,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,197,105,130,11
CONTROL "Temporary Cache password during ""Mount Favorite Volumes"" operations",IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,241,294,11
+ CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,269,151,10
END
IDD_VOLUME_PROPERTIES DIALOGEX 60, 30, 284, 224
@@ -198,7 +200,7 @@ BEGIN
RTEXT "Volume PIM:",IDT_PIM,0,46,65,8,NOT WS_VISIBLE
END
-IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 287
+IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 299
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt Traveler Disk Setup"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -219,17 +221,19 @@ BEGIN
CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,224,256,10
CONTROL "&Cache password in driver memory",IDC_TRAV_CACHE_PASSWORDS,
"Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,237,256,10
- DEFPUSHBUTTON "Create",IDC_CREATE,173,267,57,14
- PUSHBUTTON "Close",IDCLOSE,236,267,57,14
+ DEFPUSHBUTTON "Create",IDC_CREATE,173,278,57,14
+ PUSHBUTTON "Close",IDCLOSE,236,278,57,14
GROUPBOX "File Settings",IDT_FILE_SETTINGS,6,7,287,71
- GROUPBOX "AutoRun Configuration (autorun.inf)",IDT_AUTORUN,5,88,288,172
+ GROUPBOX "AutoRun Configuration (autorun.inf)",IDT_AUTORUN,5,88,288,185
LTEXT "VeraCrypt volume to mount (relative to traveler disk root):",IDT_TRAVELER_MOUNT,21,165,248,8,WS_DISABLED
RTEXT "Mount volume as drive letter:",IDT_MOUNT_LETTER,18,195,99,8,WS_DISABLED
LTEXT "Create traveler disk files at (traveler disk root directory):",IDT_TRAVEL_ROOT,18,19,259,8
- GROUPBOX "Mount Settings",IDT_MOUNT_SETTINGS,13,152,272,100,WS_DISABLED
+ GROUPBOX "Mount Settings",IDT_MOUNT_SETTINGS,13,152,272,114,WS_DISABLED
LTEXT "Upon insertion of traveler disk: ",IDT_TRAVEL_INSERTION,13,102,263,8
CONTROL "Include VeraCrypt Volume Expander",IDC_COPY_EXPANDER,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,19,62,258,10
+ CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM,
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,22,250,256,10
END
IDD_HOTKEYS_DLG DIALOGEX 0, 0, 389, 257
@@ -275,7 +279,7 @@ BEGIN
LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65
END
-IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 370, 261
+IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 370, 272
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -286,15 +290,17 @@ BEGIN
CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,178,339,10
CONTROL "Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager)",IDC_ALLOW_ESC_PBA_BYPASS,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,193,340,10
- DEFPUSHBUTTON "OK",IDOK,257,233,50,14
- PUSHBUTTON "Cancel",IDCANCEL,313,233,50,14
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,208,340,10
+ DEFPUSHBUTTON "OK",IDOK,257,244,50,14
+ PUSHBUTTON "Cancel",IDCANCEL,313,244,50,14
LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,41,337,8
GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,8,7,355,150
- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,8,163,355,62
+ GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,8,163,355,75
LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,74,337,73
CONTROL "Disable ""Evil Maid"" attack detection",IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,208,340,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,223,340,10
+ CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,193,340,10
END
IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 370, 248
@@ -384,7 +390,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 329
TOPMARGIN, 7
- BOTTOMMARGIN, 289
+ BOTTOMMARGIN, 303
END
IDD_VOLUME_PROPERTIES, DIALOG
@@ -420,7 +426,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 293
TOPMARGIN, 7
- BOTTOMMARGIN, 280
+ BOTTOMMARGIN, 292
END
IDD_HOTKEYS_DLG, DIALOG
@@ -444,7 +450,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 363
TOPMARGIN, 7
- BOTTOMMARGIN, 247
+ BOTTOMMARGIN, 258
END
IDD_PERFORMANCE_SETTINGS, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index 29709566..b4c2ff2c 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -173,6 +173,8 @@
#define IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION 1151
#define IDC_WIPE_MODE 1152
#define IDT_WIPE_MODE 1153
+#define IDC_PREF_CACHE_PIM 1154
+#define IDC_BOOT_LOADER_CACHE_PIM 1155
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -249,7 +251,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 119
#define _APS_NEXT_COMMAND_VALUE 40069
-#define _APS_NEXT_CONTROL_VALUE 1154
+#define _APS_NEXT_CONTROL_VALUE 1156
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif