- favorite.TrueCryptMode = (prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope))? 1 : 0;

-

- /* Global System Favorites settings */

-

- if (SystemFavoritesMode)

- BootEncryption BootEncObj (NULL);

- if (BootEncObj.GetStatus().DriveMounted)

- try

- {

- uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;

- if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))

- BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);

- SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));

- }

- catch (Exception &e)

- e.Show (hwndDlg);

- }

- /* (System) Favorites list */

- if (SelectedItem != -1 && !Favorites.empty())

- SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode);

- if (SaveFavoriteVolumes (hwndDlg, Favorites, SystemFavoritesMode))

- {

- if (!SystemFavoritesMode)

- bMountFavoritesOnLogon = FALSE;

-

- foreach (const FavoriteVolume &favorite, Favorites)

- if (favorite.MountOnLogOn)

- bMountFavoritesOnLogon = TRUE;

- break;

- }

- if (!bEnableBkgTask || bCloseBkgTaskWhenNoVolumes || IsNonInstallMode())

- {

- foreach (const FavoriteVolume favorite, Favorites)

- if (favorite.MountOnArrival)

- Warning ("FAVORITE_ARRIVAL_MOUNT_BACKGROUND_TASK_ERR", hwndDlg);

- break;

- }

- FavoriteVolumes = Favorites;

- ManageStartupSeq();

- SaveSettings (hwndDlg);

- }

- else

- SystemFavoriteVolumes = Favorites;

- OnFavoriteVolumesUpdated();

- LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0);

- EndDialog (hwndDlg, IDOK);

- }

- XmlGetAttributeText (xml, "TrueCryptMode", boolVal, sizeof (boolVal));

- if (boolVal[0])

- favorite.TrueCryptMode = (boolVal[0] == '1')? 1 : 0;

- else

- favorite.TrueCryptMode = -1;

-

- if (favorite.TrueCryptMode > 0)

- favorite.Pim = 0;

-

- || (favorite.TrueCryptMode == 1 && (0 == get_pkcs5_iteration_count (favorite.Pkcs5, 0, TRUE, favorite.SystemEncryption? TRUE : FALSE)))

- if ((favorite.Pim >= 0) && (favorite.TrueCryptMode <= 0))

- if (favorite.TrueCryptMode > 0)

- s += L" TrueCryptMode=\"1\"";

- else if (favorite.TrueCryptMode == 0)

- s += L" TrueCryptMode=\"0\"";

-

- SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, (favorite.TrueCryptMode > 0)? TRUE : FALSE);

- if (!favorite.SystemEncryption || (favorite.TrueCryptMode != 1) || (i == RIPEMD160))

- {

- nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));

- SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);

- if (favorite.Pkcs5 == i)

- nSelected = nIndex;

- }

- EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), enable && !favorite.SystemEncryption);

- BOOL selectedTrueCryptMode = (IsDlgButtonChecked (hwndDlg, IDC_TRUECRYPT_MODE) != 0)? 1 : 0;

- if ((favorite.TrueCryptMode >= 0) || selectedTrueCryptMode)

- favorite.TrueCryptMode = selectedTrueCryptMode;

-

- if (favorite.TrueCryptMode == 1)

- {

- if ((favorite.Pkcs5 > 0) && !is_pkcs5_prf_supported (favorite.Pkcs5, TRUE, favorite.SystemEncryption? PRF_BOOT_MBR : PRF_BOOT_NO))

- {

- Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- favorite.Pkcs5 = 0;

- }

-

- if (favorite.Pim > 0)

- {

- Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- favorite.Pim = 0;

- }

- }

- TrueCryptMode (-1),

- int TrueCryptMode;

- virtual void STDMETHODCALLTYPE AnalyzeKernelMiniDump (LONG_PTR hwndDlg)

- virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume)

- virtual int STDMETHODCALLTYPE RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume)

- virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)

- return ::ChangePwd (volumePath, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);

- virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)

- return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);

- virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)

- return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);

- virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd)

- return ::ChangePwd (volumePath, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (HWND) hWnd);

- CoInitialize (NULL);

- r = tc->BackupVolumeHeader ((LONG_PTR) hwndDlg, bRequireConfirmation, volumeBstr);

- CoInitialize (NULL);

- r = tc->RestoreVolumeHeader ((LONG_PTR) hwndDlg, volumeBstr);

-extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)

- CoInitialize (NULL);

- r = tc->ChangePasswordEx3 (bstrVolume, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (LONG_PTR) hwndDlg);

-int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);

- version(2.10) // Update ComSetup.cpp when changing version number

- void AnalyzeKernelMiniDump (LONG_PTR hwndDlg);

- int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume);

- int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

- int RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume);

- int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

- int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

- int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, LONG_PTR hWnd);

-BOOL VolumeTrueCryptMode = FALSE;

-BOOL CmdVolumeTrueCryptMode = FALSE;

-BOOL DefaultVolumeTrueCryptMode = FALSE;

-KeyFile *FirstCmdKeyFile;

-static KeyFilesDlgParam hidVolProtKeyFilesParam;

-static void RegisterWtsNotification(HWND hWnd)

-static void UnregisterWtsNotification(HWND hWnd)

- HRESULT hr = CoInitialize(NULL);

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode));

- UnregisterWtsNotification(hwndDlg);

- // initialize the list of devices available for mounting as early as possible

- UpdateMountableHostDeviceList ();

- ConfigReadCompareInt ("DefaultTrueCryptMode", FALSE, &DefaultVolumeTrueCryptMode, bOnlyCheckModified, pbSettingsModified);

- if (DefaultVolumeTrueCryptMode != TRUE && DefaultVolumeTrueCryptMode != FALSE)

- DefaultVolumeTrueCryptMode = FALSE;

- ConfigWriteInt ("DefaultTrueCryptMode", DefaultVolumeTrueCryptMode);

- EAGetName (szTmp, propSysEnc.ea, 1);

- EAGetName (szTmp, bSysEncPartition ? propSysEnc.ea : driver.ea[i], 1);

- if (driver.truecryptMode[i])

- {

- StringCbPrintfW (szTmpW, sizeof(szTmpW), L"TrueCrypt-%s", ws);

- ListSubItemSet (hTree, listItem.iItem, 4, szTmpW);

- }

- else

- ListSubItemSet (hTree, listItem.iItem, 4, ws);

- BOOL truecryptMode;

- *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);

- *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);

- BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;

- if (!EffectiveVolumeTrueCryptMode)

- EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;

- /* check TrueCrypt Mode if it was set as default*/

- SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, EffectiveVolumeTrueCryptMode);

-

- /* No support for changing the password of TrueCrypt system partition */

- SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);

- EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);

-

- if (lw == IDC_TRUECRYPT_MODE)

- {

- BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;

- EnableWindow (GetDlgItem (hwndDlg, IDT_OLD_PIM), bEnablePim);

- EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM), bEnablePim);

- EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM_HELP), bEnablePim);

- }

-

- BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

- int iMaxPasswordLength = (bUseLegacyMaxPasswordLength || truecryptMode)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;

-

- if (truecryptMode && !is_pkcs5_prf_supported (old_pkcs5, TRUE, PRF_BOOT_NO))

- {

- Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- return 1;

- }

- else if (truecryptMode && (old_pim != 0))

- {

- Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- return 1;

- }

- if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, iMaxPasswordLength + 1, truecryptMode, TRUE))

- changePwdParam.truecryptMode = truecryptMode;

- static BOOL* truecryptMode;

- truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;

- /* Disable TrueCrypt mode option in case of backup/restore header operation */

- SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);

- EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);

- }

- else if (*truecryptMode)

- {

- /* Check TrueCryptMode if it is enabled on the command line */

- SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, TRUE);

- SetTimer (hwndDlg, TIMER_ID_CHECK_FOREGROUND, TIMER_INTERVAL_CHECK_FOREGROUND, NULL);

- EndDialog (hwndDlg, IDCANCEL);

- return 1;

-

- if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)

- if (lw == IDC_TRUECRYPT_MODE)

- {

- BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;

- EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), bEnablePim);

- EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), bEnablePim);

- EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), bEnablePim);

- }

-

- BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

- int iMaxPasswordLength = (bUseLegacyMaxPasswordLength || bTrueCryptMode)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;

- if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, iMaxPasswordLength + 1, bTrueCryptMode, TRUE))

- *truecryptMode = bTrueCryptMode;

-

- /* check that PRF is supported in TrueCrypt Mode */

- if ( (*truecryptMode)

- && ((!is_pkcs5_prf_supported (*pkcs5, TRUE, PRF_BOOT_NO)) || (mountOptions.ProtectHiddenVolume && !is_pkcs5_prf_supported (mountOptions.ProtectedHidVolPkcs5Prf, TRUE, PRF_BOOT_NO)))

- )

- {

- Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- return 1;

- }

-

- if ( (*truecryptMode)

- && (*pim != 0)

- )

- {

- Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- return 1;

- }

- bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope);

- if (truecryptMode)

- {

- StringCbPrintfW (sw, sizeof(sw), L"TrueCrypt - %s", s);

- ListSubItemSet (list, i++, 1, sw);

- }

- else

- ListSubItemSet (list, i++, 1, s);

- EAGetName (szTmp, prop.ea, 1);

- EAGetName (name, prop.ea, 1);

- wcscat (date, sw);

- wcscat (date, sw);

- if (BrowseDirectories (hwndDlg, "SELECT_DEST_DIR", dstPath))

- StringCbPrintfW (srcPath, sizeof(srcPath), L"%s\\VeraCrypt Setup.exe", appDir);

- if (!VerifyPackageIntegrity (srcPath) || !SelfExtractInMemory (srcPath))

- for (fileNo = 0; fileNo < NBR_COMPRESSED_FILES; fileNo++)

-static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)

- dlgParam.truecryptMode = truecryptMode;

- *truecryptMode = FALSE;

-static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim, int pkcs5, int trueCryptMode)

- BOOL EffectiveVolumeTrueCryptMode = FALSE;

- if (trueCryptMode >= 0)

- EffectiveVolumeTrueCryptMode = (trueCryptMode == 0)? FALSE : TRUE;

- else if (CmdVolumeTrueCryptMode)

- EffectiveVolumeTrueCryptMode = TRUE;

- else

- EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;

-

- if (EffectiveVolumeTrueCryptMode)

- {

- /* No PIM Mode if TrueCrypt Mode specified */

- EffectiveVolumePim = 0;

-

- /* valdate the effective PRF is compatible with TrueCrypt Mode */

- if (!is_pkcs5_prf_supported (EffectiveVolumePkcs5, TRUE, mountOptions.PartitionInInactiveSysEncScope? PRF_BOOT_MBR : PRF_BOOT_NO))

- EffectiveVolumePkcs5 = 0;

- }

-

- VolumeTrueCryptMode = FALSE;

- if (EffectiveVolumeTrueCryptMode)

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- else

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- if (EffectiveVolumeTrueCryptMode)

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- else

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- // try TrueCrypt mode first as it is quick, only if no custom pim specified

- if (EffectiveVolumeTrueCryptMode)

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- else // if no PIM specified for favorite, we use also the PIM of the previous volume alongside its password.

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, (EffectiveVolumePim < 0)? VolumePim : EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;

- BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))

- VolumeTrueCryptMode = GuiTrueCryptMode;

- burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent);

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- SecurityToken::CloseAllSessions();

-

- if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ())

- LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0);

- Mount (hwndDlg, -1, 0, -1, -1, -1);

- if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ())

- LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0);

-

- if (IsOSAtLeast (WIN_7))

- // Undo SHCNE_DRIVEREMOVED

- if ( DeviceIoControl (hDriver, TC_IOCTL_GET_MOUNTED_VOLUMES, NULL, 0, &mountList, sizeof (mountList), &dwResult, NULL)

- && mountList.ulMountedDrives

- && (mountList.ulMountedDrives < (1 << 26))

- )

- for (i = 0; i < 26; i++)

- if (mountList.ulMountedDrives & (1 << i))

- {

- wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 };

- SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL);

- }

- BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;

- if (!EffectiveVolumeTrueCryptMode)

- EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;

- BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))

- VolumeTrueCryptMode = GuiTrueCryptMode;

- burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

- VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;

- if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0

- || ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0)))

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- SecurityToken::CloseAllSessions();

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- WaitCursor();

-

- NormalCursor ();

-

- !BootEncStatus.DriveEncrypted ? 0 : (BootEncStatus.EncryptedAreaEnd + 1 - BootEncStatus.EncryptedAreaStart) * 100I64 / (BootEncStatus.ConfiguredEncryptedAreaEnd + 1 - BootEncStatus.ConfiguredEncryptedAreaStart));

- if (BrowseFiles (hwndDlg, "OPEN_VOL_TITLE", szFileName, bHistory, FALSE, NULL) == FALSE)

- MountSelectedVolume (hwndDlg, FALSE);

- MountSelectedVolume (hwndDlg, FALSE);

- BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;

- if (!EffectiveVolumeTrueCryptMode)

- EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;

- szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount,

- mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);

- FirstKeyFile = FirstCmdKeyFile;

- BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))

- VolumeTrueCryptMode = GuiTrueCryptMode;

- burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

- mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- RegisterWtsNotification(hwndDlg);

- SecurityToken::CloseAllSessions();

- UnregisterWtsNotification(hwndDlg);

- SecurityToken::CloseAllSessions();

- UpdateMountableHostDeviceList ();

- SecurityToken::CloseAllSessions();

- UnregisterWtsNotification(hwndDlg);

- UnregisterWtsNotification(hwndDlg);

- UnregisterWtsNotification(hwndDlg);

- if ((lw == IDOK || lw == IDM_MOUNT_VOLUME || lw == IDM_MOUNT_VOLUME_OPTIONS))

- MountSelectedVolume (hwndDlg, lw == IDM_MOUNT_VOLUME_OPTIONS);

- SecurityToken::CloseAllSessions();

- RegisterWtsNotification(hwndDlg);

- UnregisterWtsNotification(hwndDlg);

- if (!(nCurrentOS == WIN_2000 && RemoteSession))

- {

- BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, ~driveMap);

- Sleep (100);

- BroadcastDeviceChange (DBT_DEVICEARRIVAL, 0, driveMap);

- }

- OptionTrueCryptMode,

- { OptionTrueCryptMode, L"/truecrypt", L"/tc", FALSE },

- wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0};

- else if (_wcsicmp(szTmp, L"ripemd160") == 0)

- CmdVolumePkcs5 = RIPEMD160;

- case OptionTrueCryptMode:

- CmdVolumeTrueCryptMode = TRUE;

- break;

-

- if (CmdVolumePasswordValid && (CmdVolumeTrueCryptMode || (CmdMountOptionsValid && bPrebootPasswordDlgMode)))

- /* truncate the password to 64 first characer in case of TrueCrypt Mode or System Encryption */

- if (bSystemIsGPT)

- {

- uint32 serviceFlags = BootEncObj->ReadServiceConfigurationFlags ();

- if (!(serviceFlags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))

- {

- try

- {

- BootEncryption::UpdateSetupConfigFile (true);

- if (!BootEncStatus.HiddenSystem)

- {

- // re-install our bootloader again in case the update process has removed it.

- BootEncryption bootEnc (NULL, true);

- bootEnc.InstallBootLoader (true);

- }

- }

- catch (...)

- {

- }

- }

- }

- if (IsOSAtLeast (WIN_VISTA))

- SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;

- if ((argc >= 2) && (0 == _wcsicmp (argv[1], VC_SYSTEM_FAVORITES_SERVICE_ARG_SKIP_MOUNT)))

- bSkipMount = TRUE;

- // initialize the list of devices available for mounting as early as possible

- UpdateMountableHostDeviceList ();

- FinalizeApp ();

- | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray

- | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray

- SecurityToken::CloseAllSessions();

- status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim, favorite.Pkcs5, favorite.TrueCryptMode);

- SystemFavoritesServiceLogInfo (wstring (L"Updating list of host devices"));

- UpdateMountableHostDeviceList ();

-

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- SecurityToken::CloseAllSessions();

- UnregisterWtsNotification(hwndDlg);

- SecurityToken::CloseAllSessions();

- if (!AskVolumePassword (hwndDlg, askPassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))

- nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPim, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE);

- if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, TRUE, NULL))

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, NULL, FALSE))

- nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE);

- if (!BrowseFiles (hwndDlg, "OPEN_TITLE", szFileName, bHistory, FALSE, NULL))

- if (!bDevice && bPreserveTimestamp)

- {

- /* Remember the container modification/creation date and time. */

-

- if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0)

- bTimeStampValid = FALSE;

- else

- bTimeStampValid = TRUE;

- }

- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))

- nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, &restoredCryptoInfo, NULL);

- burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

- if (IsOSAtLeast (WIN_7) && IsRamEncryptionSupported())

- SYSTEM_INFO sysInfo;

- GetSystemInfo (&sysInfo);

- if (encryptionFreeCpuCount > sysInfo.dwNumberOfProcessors - 1)

- encryptionFreeCpuCount = sysInfo.dwNumberOfProcessors - 1;

- for (uint32 i = 1; i < sysInfo.dwNumberOfProcessors; ++i)

- if (sysInfo.dwNumberOfProcessors < 2 || encryptionFreeCpuCount == 0)

- if (sysInfo.dwNumberOfProcessors < 2)

- SetDlgItemTextW (hwndDlg, IDC_HW_AES_SUPPORTED_BY_CPU, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? "UISTR_YES" : "UISTR_NO"))).c_str());

- if (IsOSAtLeast (WIN_7))

- BOOL originalRamEncryptionEnabled = (driverConfig & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION)? TRUE : FALSE;

- if (originalRamEncryptionEnabled != enableRamEncryption)

- rebootRequired = true;

- SetDriverConfigurationFlag (VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION, enableRamEncryption);

- SecurityToken::CloseLibrary();

-

- SendMessage (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), BM_SETCHECK,

- DefaultVolumeTrueCryptMode ? BST_CHECKED:BST_UNCHECKED, 0);

-

- BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

- /* check that PRF is supported in TrueCrypt Mode */

- if ( (truecryptMode)

- && (!is_pkcs5_prf_supported(pkcs5, TRUE, PRF_BOOT_NO))

- )

- {

- Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

- }

- else

- {

- WaitCursor ();

- DefaultVolumeTrueCryptMode = truecryptMode;

- DefaultVolumePkcs5 = pkcs5;

- SaveSettings (hwndDlg);

- NormalCursor ();

- EndDialog (hwndDlg, lw);

- }

- std::string dcsprop = ReadESPFile (L"\\EFI\\VeraCrypt\\DcsProp", true);

- if (validateDcsPropXml (dcsprop.c_str()))

- WriteESPFile (L"\\EFI\\VeraCrypt\\DcsProp", (LPBYTE) dcsprop.c_str(), (DWORD) dcsprop.size(), true);

- byte userConfig;

- try

- {

- if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig))

- return 1;

- }

- catch (Exception &e)

- {

- e.Show (hwndDlg);

- return 1;

- }

- if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT))

- userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH;

- else

- userConfig &= ~TC_BOOT_USER_CFG_FLAG_STORE_HASH;

- userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE;

- else

- userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE;

- if (!IsDlgButtonChecked (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS))

- userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;

- else

- userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;

- BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);

- if (!IsHiddenOSRunning ()) /* we don't need to update TRIM config for hidden OS since it's always blocked */

- Warning ("CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING", hwndDlg);

-void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions)

- BOOL* truecryptMode;

-void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions);

- <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>

- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,193,35,83,10

- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,170,28,76,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10

- CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10

-IDD_TOKEN_PREFERENCES DIALOGEX 0, 0, 316, 199

- DEFPUSHBUTTON "OK",IDOK,205,178,50,14

- PUSHBUTTON "Cancel",IDCANCEL,259,178,50,14

-IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 375, 194

- GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,7,131,355,36

- PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,10,144,173,14

- PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,187,144,173,14

- PUSHBUTTON "Cancel",IDCANCEL,313,170,50,14

- DEFPUSHBUTTON "OK",IDOK,255,170,50,14

-IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 293

- CONTROL "Do not use the following number of processors for encryption/decryption:",IDC_LIMIT_ENC_THREAD_POOL,

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,212,337,10

- PUSHBUTTON "&Benchmark",IDC_BENCHMARK,7,272,59,14

- DEFPUSHBUTTON "OK",IDOK,257,272,50,14

- PUSHBUTTON "Cancel",IDCANCEL,314,272,50,14

- LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9

- GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74

- GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93

- GROUPBOX "Driver Configuration",IDT_DRIVER_OPTIONS,7,183,357,86

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,226,337,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,240,335,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,254,337,10

- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,189,168,76,10

- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10

-IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 371, 310

- "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,340,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,340,10

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,251,340,10

- PUSHBUTTON "Cancel",IDCANCEL,314,286,50,14

- DEFPUSHBUTTON "OK",IDOK,257,286,50,14

- GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,9,7,355,165

- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,9,177,355,105

- CONTROL "Clear encryption keys from memory if a new device is inserted",IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION,

- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,265,340,10

- BOTTOMMARGIN, 184

- BOTTOMMARGIN, 286

- BOTTOMMARGIN, 300

- FILEVERSION 1,24,5,0

- PRODUCTVERSION 1,24,5,0

- VALUE "FileVersion", "1.24-Beta5"

- VALUE "ProductVersion", "1.24-Beta5"

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\Debug\crypto.lib;..\Common\Debug\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\x64\Debug\crypto.lib;..\Common\x64\Debug\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\Release\crypto.lib;..\Common\Release\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\Release\crypto.lib;..\Common\Release\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\x64\Release\crypto.lib;..\Common\x64\Release\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

- <AdditionalIncludeDirectories>..\Common;..\Crypto;..\;..\PKCS11;..\Common\zlib;..\Common\libzip;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>

- <AdditionalDependencies>..\Crypto\x64\Release\crypto.lib;..\Common\x64\Release\Zip.lib;mpr.lib;%(AdditionalDependencies)</AdditionalDependencies>

- <DelayLoadDLLs>mpr.dll;%(DelayLoadDLLs)</DelayLoadDLLs>

-#define IDC_TRUECRYPT_MODE 1140

-#define _APS_NEXT_COMMAND_VALUE 40069

-#define _APS_NEXT_CONTROL_VALUE 1175