VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-x[-rw-r--r--]src/Core/CoreBase.cpp8
-rwxr-xr-x[-rw-r--r--]src/Core/CoreBase.h4
-rwxr-xr-x[-rw-r--r--]src/Core/MountOptions.cpp35
-rwxr-xr-x[-rw-r--r--]src/Core/MountOptions.h2
-rwxr-xr-x[-rw-r--r--]src/Core/Unix/CoreUnix.cpp2
-rw-r--r--src/Main/CommandLineInterface.cpp32
-rw-r--r--src/Main/CommandLineInterface.h1
-rwxr-xr-x[-rw-r--r--]src/Main/Forms/ChangePasswordDialog.cpp4
-rwxr-xr-x[-rw-r--r--]src/Main/Forms/MountOptionsDialog.cpp6
-rw-r--r--src/Main/Forms/VolumeCreationWizard.cpp3
-rw-r--r--src/Main/Forms/VolumeCreationWizard.h1
-rwxr-xr-x[-rw-r--r--]src/Main/Forms/VolumePasswordPanel.cpp14
-rwxr-xr-x[-rw-r--r--]src/Main/Forms/VolumePasswordPanel.h2
-rwxr-xr-x[-rw-r--r--]src/Main/Forms/VolumePasswordWizardPage.cpp2
-rw-r--r--src/Main/Forms/VolumePasswordWizardPage.h1
-rwxr-xr-x[-rw-r--r--]src/Main/GraphicUserInterface.cpp6
-rwxr-xr-x[-rw-r--r--]src/Main/GraphicUserInterface.h2
-rwxr-xr-x[-rw-r--r--]src/Main/TextUserInterface.cpp30
-rwxr-xr-x[-rw-r--r--]src/Main/TextUserInterface.h2
-rwxr-xr-x[-rw-r--r--]src/Main/UserInterface.cpp7
-rwxr-xr-x[-rw-r--r--]src/Main/UserInterface.h2
-rw-r--r--src/Volume/Pkcs5Kdf.h7
-rwxr-xr-x[-rw-r--r--]src/Volume/Volume.cpp12
-rwxr-xr-x[-rw-r--r--]src/Volume/Volume.h4
-rwxr-xr-x[-rw-r--r--]src/Volume/VolumeHeader.cpp5
-rwxr-xr-x[-rw-r--r--]src/Volume/VolumeHeader.h2
26 files changed, 160 insertions, 36 deletions
diff --git a/src/Core/CoreBase.cpp b/src/Core/CoreBase.cpp
index 95e5c20..0137e20 100644..100755
--- a/src/Core/CoreBase.cpp
+++ b/src/Core/CoreBase.cpp
@@ -68,9 +68,9 @@ namespace VeraCrypt
}
}
- void CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const
+ void CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const
{
- shared_ptr <Volume> volume = OpenVolume (volumePath, preserveTimestamps, password, keyfiles);
+ shared_ptr <Volume> volume = OpenVolume (volumePath, preserveTimestamps, password, kdf, keyfiles);
ChangePassword (volume, newPassword, newKeyfiles, newPkcs5Kdf, wipeCount);
}
@@ -242,10 +242,10 @@ namespace VeraCrypt
return GetMountedVolume (volumePath);
}
- shared_ptr <Volume> CoreBase::OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) const
+ shared_ptr <Volume> CoreBase::OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr<Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr<Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) const
{
make_shared_auto (Volume, volume);
- volume->Open (*volumePath, preserveTimestamps, password, keyfiles, protection, protectionPassword, protectionKeyfiles, sharedAccessAllowed, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+ volume->Open (*volumePath, preserveTimestamps, password, kdf, keyfiles, protection, protectionPassword, protectionKdf, protectionKeyfiles, sharedAccessAllowed, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
return volume;
}
diff --git a/src/Core/CoreBase.h b/src/Core/CoreBase.h
index 6ebb76b..0d52e5b 100644..100755
--- a/src/Core/CoreBase.h
+++ b/src/Core/CoreBase.h
@@ -29,7 +29,7 @@ namespace VeraCrypt
virtual ~CoreBase ();
virtual void ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
- virtual void ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
+ virtual void ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const;
virtual void CheckFilesystem (shared_ptr <VolumeInfo> mountedVolume, bool repair = false) const = 0;
virtual void CoalesceSlotNumberAndMountPoint (MountOptions &options) const;
virtual void CreateKeyfile (const FilePath &keyfilePath) const;
@@ -64,7 +64,7 @@ namespace VeraCrypt
virtual bool IsVolumeMounted (const VolumePath &volumePath) const;
virtual VolumeSlotNumber MountPointToSlotNumber (const DirectoryPath &mountPoint) const = 0;
virtual shared_ptr <VolumeInfo> MountVolume (MountOptions &options) = 0;
- virtual shared_ptr <Volume> OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false) const;
+ virtual shared_ptr <Volume> OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr<Pkcs5Kdf> Kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr<Pkcs5Kdf> protectionKdf = shared_ptr<Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false) const;
virtual void RandomizeEncryptionAlgorithmKey (shared_ptr <EncryptionAlgorithm> encryptionAlgorithm) const;
virtual void ReEncryptVolumeHeaderWithNewSalt (const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles) const;
virtual void SetAdminPasswordCallback (shared_ptr <GetStringFunctor> functor) { }
diff --git a/src/Core/MountOptions.cpp b/src/Core/MountOptions.cpp
index a09879d..fb813bf 100644..100755
--- a/src/Core/MountOptions.cpp
+++ b/src/Core/MountOptions.cpp
@@ -26,11 +26,21 @@ namespace VeraCrypt
TC_CLONE (NoHardwareCrypto);
TC_CLONE (NoKernelCrypto);
TC_CLONE_SHARED (VolumePassword, Password);
+ if (other.Kdf)
+ {
+ Kdf.reset(other.Kdf->Clone());
+ }
+ else
+ Kdf.reset();
TC_CLONE_SHARED (VolumePath, Path);
TC_CLONE (PartitionInSystemEncryptionScope);
TC_CLONE (PreserveTimestamps);
TC_CLONE (Protection);
TC_CLONE_SHARED (VolumePassword, ProtectionPassword);
+ if (other.ProtectionKdf)
+ ProtectionKdf.reset(other.ProtectionKdf->Clone());
+ else
+ ProtectionKdf.reset();
TC_CLONE_SHARED (KeyfileList, ProtectionKeyfiles);
TC_CLONE (Removable);
TC_CLONE (SharedAccessAllowed);
@@ -41,6 +51,7 @@ namespace VeraCrypt
void MountOptions::Deserialize (shared_ptr <Stream> stream)
{
Serializer sr (stream);
+ wstring nameValue;
sr.Deserialize ("CachePassword", CachePassword);
sr.Deserialize ("FilesystemOptions", FilesystemOptions);
@@ -61,6 +72,14 @@ namespace VeraCrypt
Password = Serializable::DeserializeNew <VolumePassword> (stream);
else
Password.reset();
+
+ if (!sr.DeserializeBool ("KdfNull"))
+ {
+ sr.Deserialize ("Kdf", nameValue);
+ Kdf = Pkcs5Kdf::GetAlgorithm (nameValue);
+ }
+ else
+ Kdf.reset();
if (!sr.DeserializeBool ("PathNull"))
Path.reset (new VolumePath (sr.DeserializeWString ("Path")));
@@ -77,6 +96,14 @@ namespace VeraCrypt
else
ProtectionPassword.reset();
+ if (!sr.DeserializeBool ("ProtectionKdfNull"))
+ {
+ sr.Deserialize ("ProtectionKdf", nameValue);
+ ProtectionKdf = Pkcs5Kdf::GetAlgorithm (nameValue);
+ }
+ else
+ ProtectionKdf.reset();
+
ProtectionKeyfiles = Keyfile::DeserializeList (stream, "ProtectionKeyfiles");
sr.Deserialize ("Removable", Removable);
sr.Deserialize ("SharedAccessAllowed", SharedAccessAllowed);
@@ -106,6 +133,10 @@ namespace VeraCrypt
if (Password)
Password->Serialize (stream);
+ sr.Serialize ("KdfNull", Kdf == nullptr);
+ if (Kdf)
+ sr.Serialize ("Kdf", Kdf->GetName());
+
sr.Serialize ("PathNull", Path == nullptr);
if (Path)
sr.Serialize ("Path", wstring (*Path));
@@ -118,6 +149,10 @@ namespace VeraCrypt
if (ProtectionPassword)
ProtectionPassword->Serialize (stream);
+ sr.Serialize ("ProtectionKdfNull", ProtectionKdf == nullptr);
+ if (ProtectionKdf)
+ sr.Serialize ("ProtectionKdf", ProtectionKdf->GetName());
+
Keyfile::SerializeList (stream, "ProtectionKeyfiles", ProtectionKeyfiles);
sr.Serialize ("Removable", Removable);
sr.Serialize ("SharedAccessAllowed", SharedAccessAllowed);
diff --git a/src/Core/MountOptions.h b/src/Core/MountOptions.h
index 12aa03d..6cb2c54 100644..100755
--- a/src/Core/MountOptions.h
+++ b/src/Core/MountOptions.h
@@ -51,11 +51,13 @@ namespace VeraCrypt
bool NoHardwareCrypto;
bool NoKernelCrypto;
shared_ptr <VolumePassword> Password;
+ shared_ptr <Pkcs5Kdf> Kdf;
bool PartitionInSystemEncryptionScope;
shared_ptr <VolumePath> Path;
bool PreserveTimestamps;
VolumeProtection::Enum Protection;
shared_ptr <VolumePassword> ProtectionPassword;
+ shared_ptr <Pkcs5Kdf> ProtectionKdf;
shared_ptr <KeyfileList> ProtectionKeyfiles;
bool Removable;
bool SharedAccessAllowed;
diff --git a/src/Core/Unix/CoreUnix.cpp b/src/Core/Unix/CoreUnix.cpp
index 15a9629..d33e4b7 100644..100755
--- a/src/Core/Unix/CoreUnix.cpp
+++ b/src/Core/Unix/CoreUnix.cpp
@@ -409,9 +409,11 @@ namespace VeraCrypt
options.Path,
options.PreserveTimestamps,
options.Password,
+ options.Kdf,
options.Keyfiles,
options.Protection,
options.ProtectionPassword,
+ options.ProtectionKdf,
options.ProtectionKeyfiles,
options.SharedAccessAllowed,
VolumeType::Unknown,
diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp
index eed8cf2..68e644b 100644
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -36,6 +36,7 @@ namespace VeraCrypt
parser.AddSwitch (L"C", L"change", _("Change password or keyfiles"));
parser.AddSwitch (L"c", L"create", _("Create new volume"));
parser.AddSwitch (L"", L"create-keyfile", _("Create new keyfile"));
+ parser.AddOption (L"", L"current-hash", _("Current hash algorithm for change password/keyfiles operation"));
parser.AddSwitch (L"", L"delete-token-keyfiles", _("Delete security token keyfiles"));
parser.AddSwitch (L"d", L"dismount", _("Dismount volume"));
parser.AddSwitch (L"", L"display-password", _("Display password while typing"));
@@ -61,6 +62,7 @@ namespace VeraCrypt
parser.AddSwitch (L"", L"non-interactive", _("Do not interact with user"));
parser.AddOption (L"p", L"password", _("Password"));
parser.AddOption (L"", L"protect-hidden", _("Protect hidden volume"));
+ parser.AddOption (L"", L"protection-hash", _("Hash algorithm for protected hidden volume"));
parser.AddOption (L"", L"protection-keyfiles", _("Keyfiles for protected hidden volume"));
parser.AddOption (L"", L"protection-password", _("Password for protected hidden volume"));
parser.AddOption (L"", L"random-source", _("Use file as source of random data"));
@@ -306,6 +308,20 @@ namespace VeraCrypt
throw_err (LangString["UNKNOWN_OPTION"] + L": " + str);
}
+ if (parser.Found (L"current-hash", &str))
+ {
+ ArgCurrentHash.reset();
+
+ foreach (shared_ptr <Hash> hash, Hash::GetAvailableAlgorithms())
+ {
+ if (wxString (hash->GetName()).IsSameAs (str, false))
+ ArgCurrentHash = hash;
+ }
+
+ if (!ArgCurrentHash)
+ throw_err (LangString["UNKNOWN_OPTION"] + L": " + str);
+ }
+
if (parser.Found (L"keyfiles", &str))
ArgKeyfiles = ToKeyfileList (str);
@@ -377,6 +393,22 @@ namespace VeraCrypt
ArgMountOptions.Protection = VolumeProtection::HiddenVolumeReadOnly;
}
+ if (parser.Found (L"protection-hash", &str))
+ {
+ bool bHashFound = false;
+ foreach (shared_ptr <Hash> hash, Hash::GetAvailableAlgorithms())
+ {
+ if (wxString (hash->GetName()).IsSameAs (str, false))
+ {
+ bHashFound = true;
+ ArgMountOptions.ProtectionKdf = Pkcs5Kdf::GetAlgorithm (*hash);
+ }
+ }
+
+ if (!bHashFound)
+ throw_err (LangString["UNKNOWN_OPTION"] + L": " + str);
+ }
+
ArgQuick = parser.Found (L"quick");
if (parser.Found (L"random-source", &str))
diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h
index c674597..d3c2a0b 100644
--- a/src/Main/CommandLineInterface.h
+++ b/src/Main/CommandLineInterface.h
@@ -61,6 +61,7 @@ namespace VeraCrypt
VolumeCreationOptions::FilesystemType::Enum ArgFilesystem;
bool ArgForce;
shared_ptr <Hash> ArgHash;
+ shared_ptr <Hash> ArgCurrentHash;
shared_ptr <KeyfileList> ArgKeyfiles;
MountOptions ArgMountOptions;
shared_ptr <DirectoryPath> ArgMountPoint;
diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp
index 83186c0..e07b7d3 100644..100755
--- a/src/Main/Forms/ChangePasswordDialog.cpp
+++ b/src/Main/Forms/ChangePasswordDialog.cpp
@@ -47,7 +47,7 @@ namespace VeraCrypt
throw ParameterIncorrect (SRC_POS);
}
- CurrentPasswordPanel = new VolumePasswordPanel (this, password, keyfiles);
+ CurrentPasswordPanel = new VolumePasswordPanel (this, password, keyfiles, false, true, true, false, true, true);
CurrentPasswordPanel->UpdateEvent.Connect (EventConnector <ChangePasswordDialog> (this, &ChangePasswordDialog::OnPasswordPanelUpdate));
CurrentPasswordPanelSizer->Add (CurrentPasswordPanel, 1, wxALL | wxEXPAND);
@@ -125,7 +125,7 @@ namespace VeraCrypt
#endif
wxBusyCursor busy;
Core->ChangePassword (Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps,
- CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetKeyfiles(),
+ CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetKeyfiles(),
newPassword, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount());
}
diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp
index 69d821c..1ddb779 100644..100755
--- a/src/Main/Forms/MountOptionsDialog.cpp
+++ b/src/Main/Forms/MountOptionsDialog.cpp
@@ -30,7 +30,7 @@ namespace VeraCrypt
if (disableMountOptions)
OptionsButton->Show (false);
- PasswordPanel = new VolumePasswordPanel (this, options.Password, options.Keyfiles, !disableMountOptions);
+ PasswordPanel = new VolumePasswordPanel (this, options.Password, options.Keyfiles, !disableMountOptions, true, true, false, true, true);
PasswordPanel->SetCacheCheckBoxValidator (wxGenericValidator (&Options.CachePassword));
PasswordSizer->Add (PasswordPanel, 1, wxALL | wxEXPAND);
@@ -61,7 +61,7 @@ namespace VeraCrypt
OptionsButton->SetLabel (OptionsButtonLabel + L" >");
OptionsPanel->Show (false);
- ProtectionPasswordPanel = new VolumePasswordPanel (OptionsPanel, options.ProtectionPassword, options.ProtectionKeyfiles, false, true, true, false, false, _("P&assword to hidden volume:"));
+ ProtectionPasswordPanel = new VolumePasswordPanel (OptionsPanel, options.ProtectionPassword, options.ProtectionKeyfiles, false, true, true, false, true, true, _("P&assword to hidden volume:"));
ProtectionPasswordSizer->Add (ProtectionPasswordPanel, 1, wxALL | wxEXPAND);
UpdateDialog();
@@ -85,6 +85,7 @@ namespace VeraCrypt
TransferDataFromWindow();
Options.Password = PasswordPanel->GetPassword();
+ Options.Kdf = PasswordPanel->GetPkcs5Kdf();
Options.Keyfiles = PasswordPanel->GetKeyfiles();
if (ReadOnlyCheckBox->IsChecked())
@@ -95,6 +96,7 @@ namespace VeraCrypt
{
Options.Protection = VolumeProtection::HiddenVolumeReadOnly;
Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword();
+ Options.ProtectionKdf = ProtectionPasswordPanel->GetPkcs5Kdf();
Options.ProtectionKeyfiles = ProtectionPasswordPanel->GetKeyfiles();
}
else
diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp
index 597d014..1dac131 100644
--- a/src/Main/Forms/VolumeCreationWizard.cpp
+++ b/src/Main/Forms/VolumeCreationWizard.cpp
@@ -699,6 +699,7 @@ namespace VeraCrypt
{
VolumePasswordWizardPage *page = dynamic_cast <VolumePasswordWizardPage *> (GetCurrentPage());
Password = page->GetPassword();
+ Kdf = page->GetPkcs5Kdf();
Keyfiles = page->GetKeyfiles();
if (forward && Password && !Password->IsEmpty())
@@ -937,7 +938,7 @@ namespace VeraCrypt
});
#endif
- shared_ptr <Volume> outerVolume = Core->OpenVolume (make_shared <VolumePath> (SelectedVolumePath), true, Password, Keyfiles, VolumeProtection::ReadOnly);
+ shared_ptr <Volume> outerVolume = Core->OpenVolume (make_shared <VolumePath> (SelectedVolumePath), true, Password, Kdf, Keyfiles, VolumeProtection::ReadOnly);
MaxHiddenVolumeSize = Core->GetMaxHiddenVolumeSize (outerVolume);
// Add a reserve (in case the user mounts the outer volume and creates new files
diff --git a/src/Main/Forms/VolumeCreationWizard.h b/src/Main/Forms/VolumeCreationWizard.h
index abbf64c..3a87c4c 100644
--- a/src/Main/Forms/VolumeCreationWizard.h
+++ b/src/Main/Forms/VolumeCreationWizard.h
@@ -73,6 +73,7 @@ namespace VeraCrypt
VolumeHostType::Enum SelectedVolumeHostType;
VolumeType::Enum SelectedVolumeType;
shared_ptr <VolumePassword> Password;
+ shared_ptr <Pkcs5Kdf> Kdf;
uint32 SectorSize;
shared_ptr <Hash> SelectedHash;
uint64 VolumeSize;
diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp
index 5b1b9db..50f3eca 100644..100755
--- a/src/Main/Forms/VolumePasswordPanel.cpp
+++ b/src/Main/Forms/VolumePasswordPanel.cpp
@@ -14,7 +14,7 @@
namespace VeraCrypt
{
- VolumePasswordPanel::VolumePasswordPanel (wxWindow* parent, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, bool enableCache, bool enablePassword, bool enableKeyfiles, bool enableConfirmation, bool enablePkcs5Prf, const wxString &passwordLabel)
+ VolumePasswordPanel::VolumePasswordPanel (wxWindow* parent, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, bool enableCache, bool enablePassword, bool enableKeyfiles, bool enableConfirmation, bool enablePkcs5Prf, bool isMountPassword, const wxString &passwordLabel)
: VolumePasswordPanelBase (parent), Keyfiles (new KeyfileList)
{
if (keyfiles)
@@ -63,14 +63,20 @@ namespace VeraCrypt
Pkcs5PrfStaticText->Show (enablePkcs5Prf);
Pkcs5PrfChoice->Show (enablePkcs5Prf);
- HeaderWipeCountText->Show (enablePkcs5Prf);
- HeaderWipeCount->Show (enablePkcs5Prf);
+ HeaderWipeCountText->Show (enablePkcs5Prf && !isMountPassword);
+ HeaderWipeCount->Show (enablePkcs5Prf && !isMountPassword);
if (enablePkcs5Prf)
{
+ if (isMountPassword)
+ {
+ // case of password for mounting
+ Pkcs5PrfChoice->Delete (0);
+ Pkcs5PrfChoice->Append (LangString["AUTODETECTION"]);
+ }
foreach_ref (const Pkcs5Kdf &kdf, Pkcs5Kdf::GetAvailableAlgorithms())
{
- if (!kdf.IsDeprecated())
+ if (!kdf.IsDeprecated() || isMountPassword)
Pkcs5PrfChoice->Append (kdf.GetName());
}
Pkcs5PrfChoice->Select (0);
diff --git a/src/Main/Forms/VolumePasswordPanel.h b/src/Main/Forms/VolumePasswordPanel.h
index f7f6e7c..465a430 100644..100755
--- a/src/Main/Forms/VolumePasswordPanel.h
+++ b/src/Main/Forms/VolumePasswordPanel.h
@@ -18,7 +18,7 @@ namespace VeraCrypt
class VolumePasswordPanel : public VolumePasswordPanelBase
{
public:
- VolumePasswordPanel (wxWindow* parent, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, bool enableCache = false, bool enablePassword = true, bool enableKeyfiles = true, bool enableConfirmation = false, bool enablePkcs5Prf = false, const wxString &passwordLabel = wxString());
+ VolumePasswordPanel (wxWindow* parent, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, bool enableCache = false, bool enablePassword = true, bool enableKeyfiles = true, bool enableConfirmation = false, bool enablePkcs5Prf = false, bool isMountPassword = false, const wxString &passwordLabel = wxString());
virtual ~VolumePasswordPanel ();
void AddKeyfile (shared_ptr <Keyfile> keyfile);
diff --git a/src/Main/Forms/VolumePasswordWizardPage.cpp b/src/Main/Forms/VolumePasswordWizardPage.cpp
index 1034c22..61ff999 100644..100755
--- a/src/Main/Forms/VolumePasswordWizardPage.cpp
+++ b/src/Main/Forms/VolumePasswordWizardPage.cpp
@@ -15,7 +15,7 @@ namespace VeraCrypt
VolumePasswordWizardPage::VolumePasswordWizardPage (wxPanel* parent, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, bool enableConfirmation)
: VolumePasswordWizardPageBase (parent), ConfirmationMode (enableConfirmation)
{
- PasswordPanel = new VolumePasswordPanel (this, password, keyfiles, false, true, true, enableConfirmation);
+ PasswordPanel = new VolumePasswordPanel (this, password, keyfiles, false, true, true, enableConfirmation, !enableConfirmation, !enableConfirmation);
PasswordPanel->UpdateEvent.Connect (EventConnector <VolumePasswordWizardPage> (this, &VolumePasswordWizardPage::OnPasswordPanelUpdate));
PasswordPanelSizer->Add (PasswordPanel, 1, wxALL | wxEXPAND);
diff --git a/src/Main/Forms/VolumePasswordWizardPage.h b/src/Main/Forms/VolumePasswordWizardPage.h
index 8aaf30d..13a98c6 100644
--- a/src/Main/Forms/VolumePasswordWizardPage.h
+++ b/src/Main/Forms/VolumePasswordWizardPage.h
@@ -22,6 +22,7 @@ namespace VeraCrypt
shared_ptr <KeyfileList> GetKeyfiles () const { return PasswordPanel->GetKeyfiles(); }
shared_ptr <VolumePassword> GetPassword () const { return PasswordPanel->GetPassword(); }
+ shared_ptr <Pkcs5Kdf> GetPkcs5Kdf () const { return PasswordPanel->GetPkcs5Kdf(); }
bool IsValid ();
void SetMaxStaticTextWidth (int width) { InfoStaticText->Wrap (width); }
void SetPageText (const wxString &text) { InfoStaticText->SetLabel (text); }
diff --git a/src/Main/GraphicUserInterface.cpp b/src/Main/GraphicUserInterface.cpp
index 440125e..889d49c 100644..100755
--- a/src/Main/GraphicUserInterface.cpp
+++ b/src/Main/GraphicUserInterface.cpp
@@ -177,9 +177,11 @@ namespace VeraCrypt
options->Path,
options->PreserveTimestamps,
options->Password,
+ options->Kdf,
options->Keyfiles,
options->Protection,
options->ProtectionPassword,
+ options->ProtectionKdf,
options->ProtectionKeyfiles,
true,
volumeType,
@@ -1261,9 +1263,11 @@ namespace VeraCrypt
options.Path,
options.PreserveTimestamps,
options.Password,
+ options.Kdf,
options.Keyfiles,
options.Protection,
options.ProtectionPassword,
+ options.ProtectionKdf,
options.ProtectionKeyfiles,
options.SharedAccessAllowed,
VolumeType::Unknown,
@@ -1373,7 +1377,7 @@ namespace VeraCrypt
// Decrypt header
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password);
- if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
+ if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Kdf, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
{
decryptedLayout = layout;
break;
diff --git a/src/Main/GraphicUserInterface.h b/src/Main/GraphicUserInterface.h
index 6fa51c4..890ab5d 100644..100755
--- a/src/Main/GraphicUserInterface.h
+++ b/src/Main/GraphicUserInterface.h
@@ -29,7 +29,7 @@ namespace VeraCrypt
virtual void BackupVolumeHeaders (shared_ptr <VolumePath> volumePath) const;
virtual void BeginBusyState () const { wxBeginBusyCursor(); }
virtual void BeginInteractiveBusyState (wxWindow *window);
- virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const { ThrowTextModeRequired(); }
+ virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <Hash> currentHash = shared_ptr <Hash>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const { ThrowTextModeRequired(); }
wxHyperlinkCtrl *CreateHyperlink (wxWindow *parent, const wxString &linkUrl, const wxString &linkText) const;
virtual void CreateKeyfile (shared_ptr <FilePath> keyfilePath = shared_ptr <FilePath>()) const;
virtual void CreateVolume (shared_ptr <VolumeCreationOptions> options) const { ThrowTextModeRequired(); }
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp
index f9693cb..9cc5232 100644..100755
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -244,6 +244,12 @@ namespace VeraCrypt
#endif
ShowInfo ("EXTERNAL_VOL_HEADER_BAK_FIRST_INFO");
+
+ shared_ptr <Pkcs5Kdf> kdf;
+ if (CmdLine->ArgHash)
+ {
+ kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash);
+ }
shared_ptr <Volume> normalVolume;
shared_ptr <Volume> hiddenVolume;
@@ -274,9 +280,11 @@ namespace VeraCrypt
options->Path,
options->PreserveTimestamps,
options->Password,
+ kdf,
options->Keyfiles,
options->Protection,
options->ProtectionPassword,
+ options->ProtectionKdf,
options->ProtectionKeyfiles,
true,
volumeType,
@@ -359,7 +367,7 @@ namespace VeraCrypt
ShowInfo ("VOL_HEADER_BACKED_UP");
}
- void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const
+ void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, shared_ptr <Hash> currentHash, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const
{
shared_ptr <Volume> volume;
@@ -378,6 +386,12 @@ namespace VeraCrypt
bool passwordInteractive = !password.get();
bool keyfilesInteractive = !keyfiles.get();
+ shared_ptr<Pkcs5Kdf> kdf;
+ if (currentHash)
+ {
+ kdf = Pkcs5Kdf::GetAlgorithm (*currentHash);
+ }
+
while (true)
{
// Current password
@@ -406,7 +420,7 @@ namespace VeraCrypt
try
{
keyfiles.reset (new KeyfileList);
- volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, keyfiles);
+ volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, keyfiles);
}
catch (PasswordException&)
{
@@ -416,7 +430,7 @@ namespace VeraCrypt
}
if (!volume.get())
- volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, keyfiles);
+ volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, keyfiles);
}
catch (PasswordException &e)
{
@@ -1285,6 +1299,12 @@ namespace VeraCrypt
// Ask whether to restore internal or external backup
bool restoreInternalBackup;
+ shared_ptr <Pkcs5Kdf> kdf;
+ if (CmdLine->ArgHash)
+ {
+ kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash);
+ }
+
ShowInfo (LangString["HEADER_RESTORE_EXTERNAL_INTERNAL"]);
ShowInfo (L"\n1) " + LangString["HEADER_RESTORE_INTERNAL"]);
ShowInfo (L"2) " + LangString["HEADER_RESTORE_EXTERNAL"] + L"\n");
@@ -1325,9 +1345,11 @@ namespace VeraCrypt
options.Path,
options.PreserveTimestamps,
options.Password,
+ kdf,
options.Keyfiles,
options.Protection,
options.ProtectionPassword,
+ options.ProtectionKdf,
options.ProtectionKeyfiles,
options.SharedAccessAllowed,
VolumeType::Unknown,
@@ -1432,7 +1454,7 @@ namespace VeraCrypt
// Decrypt header
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password);
- if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
+ if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
{
decryptedLayout = layout;
break;
diff --git a/src/Main/TextUserInterface.h b/src/Main/TextUserInterface.h
index 8721395..c26298e 100644..100755
--- a/src/Main/TextUserInterface.h
+++ b/src/Main/TextUserInterface.h
@@ -30,7 +30,7 @@ namespace VeraCrypt
virtual bool AskYesNo (const wxString &message, bool defaultYes = false, bool warning = false) const;
virtual void BackupVolumeHeaders (shared_ptr <VolumePath> volumePath) const;
virtual void BeginBusyState () const { }
- virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const;
+ virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <Hash> currentHash = shared_ptr <Hash>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const;
virtual void CreateKeyfile (shared_ptr <FilePath> keyfilePath = shared_ptr <FilePath>()) const;
virtual void CreateVolume (shared_ptr <VolumeCreationOptions> options) const;
virtual void DeleteSecurityTokenKeyfiles () const;
diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp
index f66e28d..4306dec 100644..100755
--- a/src/Main/UserInterface.cpp
+++ b/src/Main/UserInterface.cpp
@@ -883,6 +883,11 @@ namespace VeraCrypt
cmdLine.ArgMountOptions.Password = cmdLine.ArgPassword;
cmdLine.ArgMountOptions.Keyfiles = cmdLine.ArgKeyfiles;
cmdLine.ArgMountOptions.SharedAccessAllowed = cmdLine.ArgForce;
+ if (cmdLine.ArgHash)
+ {
+ cmdLine.ArgMountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*cmdLine.ArgHash);
+ }
+
VolumeInfoList mountedVolumes;
switch (cmdLine.ArgCommand)
@@ -965,7 +970,7 @@ namespace VeraCrypt
return true;
case CommandId::ChangePassword:
- ChangePassword (cmdLine.ArgVolumePath, cmdLine.ArgPassword, cmdLine.ArgKeyfiles, cmdLine.ArgNewPassword, cmdLine.ArgNewKeyfiles, cmdLine.ArgHash);
+ ChangePassword (cmdLine.ArgVolumePath, cmdLine.ArgPassword, cmdLine.ArgCurrentHash, cmdLine.ArgKeyfiles, cmdLine.ArgNewPassword, cmdLine.ArgNewKeyfiles, cmdLine.ArgHash);
return true;
case CommandId::CreateKeyfile:
diff --git a/src/Main/UserInterface.h b/src/Main/UserInterface.h
index f7ebee0..ae74ae9 100644..100755
--- a/src/Main/UserInterface.h
+++ b/src/Main/UserInterface.h
@@ -29,7 +29,7 @@ namespace VeraCrypt
virtual bool AskYesNo (const wxString &message, bool defaultYes = false, bool warning = false) const = 0;
virtual void BackupVolumeHeaders (shared_ptr <VolumePath> volumePath) const = 0;
virtual void BeginBusyState () const = 0;
- virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const = 0;
+ virtual void ChangePassword (shared_ptr <VolumePath> volumePath = shared_ptr <VolumePath>(), shared_ptr <VolumePassword> password = shared_ptr <VolumePassword>(), shared_ptr <Hash> currentHash = shared_ptr <Hash>(), shared_ptr <KeyfileList> keyfiles = shared_ptr <KeyfileList>(), shared_ptr <VolumePassword> newPassword = shared_ptr <VolumePassword>(), shared_ptr <KeyfileList> newKeyfiles = shared_ptr <KeyfileList>(), shared_ptr <Hash> newHash = shared_ptr <Hash>()) const = 0;
virtual void CheckRequirementsForMountingVolume () const;
virtual void CloseExplorerWindows (shared_ptr <VolumeInfo> mountedVolume) const;
virtual void CreateKeyfile (shared_ptr <FilePath> keyfilePath = shared_ptr <FilePath>()) const = 0;
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h
index 8618bb9..19267b0 100644
--- a/src/Volume/Pkcs5Kdf.h
+++ b/src/Volume/Pkcs5Kdf.h
@@ -31,6 +31,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const = 0;
virtual int GetIterationCount () const = 0;
virtual wstring GetName () const = 0;
+ virtual Pkcs5Kdf* Clone () const = 0;
virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); }
protected:
@@ -53,6 +54,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
virtual int GetIterationCount () const { return 655331; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); }
private:
Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &);
@@ -69,6 +71,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); }
virtual int GetIterationCount () const { return 327661; }
virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); }
private:
Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &);
@@ -85,6 +88,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
virtual int GetIterationCount () const { return 200000; }
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); }
private:
Pkcs5HmacSha256_Boot (const Pkcs5HmacSha256_Boot &);
@@ -101,6 +105,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-SHA-256"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256(); }
private:
Pkcs5HmacSha256 (const Pkcs5HmacSha256 &);
@@ -117,6 +122,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-SHA-512"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); }
private:
Pkcs5HmacSha512 (const Pkcs5HmacSha512 &);
@@ -133,6 +139,7 @@ namespace VeraCrypt
virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); }
virtual int GetIterationCount () const { return 500000; }
virtual wstring GetName () const { return L"HMAC-Whirlpool"; }
+ virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; }
private:
Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &);
diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp
index 2c319ad..12bc9a1 100644..100755
--- a/src/Volume/Volume.cpp
+++ b/src/Volume/Volume.cpp
@@ -62,7 +62,7 @@ namespace VeraCrypt
return EA->GetMode();
}
- void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
make_shared_auto (File, file);
@@ -93,10 +93,10 @@ namespace VeraCrypt
throw;
}
- return Open (file, password, keyfiles, protection, protectionPassword, protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+ return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
}
- void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
if (!volumeFile)
throw ParameterIncorrect (SRC_POS);
@@ -189,7 +189,7 @@ namespace VeraCrypt
shared_ptr <VolumeHeader> header = layout->GetHeader();
- if (header->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
+ if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes))
{
// Header decrypted
@@ -238,9 +238,9 @@ namespace VeraCrypt
Volume protectedVolume;
protectedVolume.Open (VolumeFile,
- protectionPassword, protectionKeyfiles,
+ protectionPassword, protectionKdf, protectionKeyfiles,
VolumeProtection::ReadOnly,
- shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> (),
+ shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
VolumeType::Hidden,
useBackupHeaders);
diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
index dce2aa3..dcc6eb0 100644..100755
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -89,8 +89,8 @@ namespace VeraCrypt
uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
bool IsInSystemEncryptionScope () const { return SystemEncryption; }
- void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
- void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp
index e7a47d2..fbdece5 100644..100755
--- a/src/Volume/VolumeHeader.cpp
+++ b/src/Volume/VolumeHeader.cpp
@@ -78,7 +78,7 @@ namespace VeraCrypt
EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf);
}
- bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
+ bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes)
{
if (password.Size() < 1)
throw PasswordEmpty (SRC_POS);
@@ -89,6 +89,9 @@ namespace VeraCrypt
foreach (shared_ptr <Pkcs5Kdf> pkcs5, keyDerivationFunctions)
{
+ if (kdf && (kdf->GetName() != pkcs5->GetName()))
+ continue;
+
pkcs5->DeriveKey (headerKey, password, salt);
foreach (shared_ptr <EncryptionMode> mode, encryptionModes)
diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h
index 8ce56fd..cb567f2 100644..100755
--- a/src/Volume/VolumeHeader.h
+++ b/src/Volume/VolumeHeader.h
@@ -56,7 +56,7 @@ namespace VeraCrypt
virtual ~VolumeHeader ();
void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options);
- bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
+ bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes);
void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; }
uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; }