VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Common/Apidrvr.h3
-rw-r--r--src/Common/BootEncryption.cpp7
-rw-r--r--src/Common/BootEncryption.h2
-rw-r--r--src/Common/Cache.c6
-rw-r--r--src/Common/Cache.h2
-rw-r--r--src/Common/Common.h1
-rw-r--r--src/Common/Common.rc23
-rw-r--r--src/Common/Crypto.h20
-rw-r--r--src/Common/Dlgcode.c17
-rw-r--r--src/Common/Dlgcode.h4
-rw-r--r--src/Common/Format.c2
-rw-r--r--src/Common/Language.xml3
-rw-r--r--src/Common/Password.c4
-rw-r--r--src/Common/Password.h2
-rw-r--r--src/Common/Resource.h6
-rw-r--r--src/Common/Volumes.c13
-rw-r--r--src/Common/Volumes.h4
-rw-r--r--src/Driver/DriveFilter.c53
-rw-r--r--src/Driver/Ntdriver.c6
-rw-r--r--src/Driver/Ntvol.c2
-rw-r--r--src/Format/InPlace.c9
-rw-r--r--src/Format/InPlace.h2
-rw-r--r--src/Format/Tcformat.c55
-rw-r--r--src/Format/Tcformat.h2
-rw-r--r--src/Mount/MainCom.cpp17
-rw-r--r--src/Mount/MainCom.h2
-rw-r--r--src/Mount/MainCom.idl3
-rw-r--r--src/Mount/Mount.c218
-rw-r--r--src/Mount/Mount.h5
-rw-r--r--src/Mount/Mount.rc63
-rw-r--r--src/Mount/Resource.h6
-rw-r--r--src/Setup/ComSetup.cpp2
32 files changed, 426 insertions, 138 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h
index ac6f3fbb..ac1689be 100644
--- a/src/Common/Apidrvr.h
+++ b/src/Common/Apidrvr.h
@@ -100,6 +100,8 @@ typedef struct
Password ProtectedHidVolPassword; /* Password to the hidden volume to be protected against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
+ int pkcs5_prf;
+ int ProtectedHidVolPkcs5Prf;
} MOUNT_STRUCT;
typedef struct
@@ -235,6 +237,7 @@ typedef struct
typedef struct
{
Password VolumePassword;
+ int pkcs5_prf;
} ReopenBootVolumeHeaderRequest;
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 824e3b6d..47f6418f 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -1638,7 +1638,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
- ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, NULL, cryptoInfo);
+ ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, NULL, cryptoInfo);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@@ -2117,7 +2117,7 @@ namespace VeraCrypt
}
- int BootEncryption::ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount)
+ int BootEncryption::ChangePassword (Password *oldPassword, int old_pkcs5,Password *newPassword, int pkcs5, int wipePassCount)
{
BootEncryptionStatus encStatus = GetStatus();
@@ -2159,7 +2159,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL;
- int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, &cryptoInfo, NULL);
+ int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0)
@@ -2257,6 +2257,7 @@ namespace VeraCrypt
{
ReopenBootVolumeHeaderRequest reopenRequest;
reopenRequest.VolumePassword = *newPassword;
+ reopenRequest.pkcs5_prf = cryptoInfo->pkcs5;
finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); });
CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest));
diff --git a/src/Common/BootEncryption.h b/src/Common/BootEncryption.h
index db1eb423..585b8425 100644
--- a/src/Common/BootEncryption.h
+++ b/src/Common/BootEncryption.h
@@ -141,7 +141,7 @@ namespace VeraCrypt
void AbortSetup ();
void AbortSetupWait ();
void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0);
- int ChangePassword (Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount);
+ int ChangePassword (Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount);
void CheckDecoyOSWipeResult ();
void CheckEncryptionSetupResult ();
void CheckRequirements ();
diff --git a/src/Common/Cache.c b/src/Common/Cache.c
index e119681e..2ecf9d86 100644
--- a/src/Common/Cache.c
+++ b/src/Common/Cache.c
@@ -21,7 +21,7 @@ Password CachedPasswords[CACHE_SIZE];
int cacheEmpty = 1;
static int nPasswordIdx = 0;
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo)
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i;
@@ -29,7 +29,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
/* Attempt to recognize volume using mount password */
if (password->Length > 0)
{
- nReturnCode = ReadVolumeHeader (bBoot, header, password, retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@@ -59,7 +59,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
{
if (CachedPasswords[i].Length > 0)
{
- nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], retInfo, NULL);
+ nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG)
break;
diff --git a/src/Common/Cache.h b/src/Common/Cache.h
index 18324a5c..3c68479e 100644
--- a/src/Common/Cache.h
+++ b/src/Common/Cache.h
@@ -19,5 +19,5 @@
extern int cacheEmpty;
void AddPasswordToCache (Password *password);
-int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, PCRYPTO_INFO *retInfo);
+int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo);
void WipeCache (void);
diff --git a/src/Common/Common.h b/src/Common/Common.h
index ef25ec17..d4375b5d 100644
--- a/src/Common/Common.h
+++ b/src/Common/Common.h
@@ -76,6 +76,7 @@ typedef struct
Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */
BOOL UseBackupHeader;
BOOL RecoveryMode;
+ int ProtectedHidVolPkcs5Prf;
} MountOptions;
#endif
diff --git a/src/Common/Common.rc b/src/Common/Common.rc
index 13b9f973..4f4dfb32 100644
--- a/src/Common/Common.rc
+++ b/src/Common/Common.rc
@@ -65,7 +65,7 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14
END
-IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 172
+IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 204
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Mount Options"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -78,16 +78,18 @@ BEGIN
CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10
EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,123,90,10
- CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,136,90,10
- PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,125,60,14
- LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,151,247,10,SS_NOTIFY
+ CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,146,90,10
+ CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,159,90,10
+ PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,148,60,14
+ LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,174,247,10,SS_NOTIFY
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
- GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,95
+ GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,120
CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
+ COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17
END
IDD_KEYFILES DIALOGEX 0, 0, 345, 237
@@ -307,12 +309,13 @@ BEGIN
LTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,8,274,9
END
-IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 42
+IDD_STATIC_MODAL_WAIT_DLG DIALOGEX 0, 0, 292, 61
STYLE DS_SETFONT | DS_MODALFRAME | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION
CAPTION "VeraCrypt"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
- CTEXT "Please wait. This process may take a long time...",IDT_STATIC_MODELESS_WAIT_DLG_INFO,9,11,274,9
+ CTEXT "Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.",IDT_STATIC_MODAL_WAIT_DLG_INFO,9,11,274,20
+ CONTROL "",IDC_WAIT_PROGRESS_BAR,"msctls_progress32",WS_BORDER,7,37,278,14
END
@@ -341,7 +344,7 @@ BEGIN
BEGIN
LEFTMARGIN, 7
TOPMARGIN, 7
- BOTTOMMARGIN, 166
+ BOTTOMMARGIN, 198
END
IDD_KEYFILES, DIALOG
@@ -453,7 +456,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 285
TOPMARGIN, 7
- BOTTOMMARGIN, 35
+ BOTTOMMARGIN, 54
END
END
#endif // APSTUDIO_INVOKED
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index a6ed56d2..4695239b 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -196,6 +196,7 @@ typedef struct CRYPTO_INFO_t
{
int ea; /* Encryption algorithm ID */
int mode; /* Mode of operation (e.g., XTS) */
+ int pkcs5; /* PRF algorithm */
unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */
unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */
@@ -240,10 +241,26 @@ typedef struct CRYPTO_INFO_t
UINT64_STRUCT EncryptedAreaLength;
uint32 HeaderFlags;
- int pkcs5;
} CRYPTO_INFO, *PCRYPTO_INFO;
+#ifdef _WIN32
+
+#pragma pack (push)
+#pragma pack(1)
+
+typedef struct BOOT_CRYPTO_HEADER_t
+{
+ __int16 ea; /* Encryption algorithm ID */
+ __int16 mode; /* Mode of operation (e.g., XTS) */
+ __int16 pkcs5; /* PRF algorithm */
+
+} BOOT_CRYPTO_HEADER, *PBOOT_CRYPTO_HEADER;
+
+#pragma pack (pop)
+
+#endif
+
PCRYPTO_INFO crypto_open (void);
void crypto_loadkey (PKEY_INFO keyInfo, char *lpszUserKey, int nUserKeyLen);
void crypto_close (PCRYPTO_INFO cryptoInfo);
@@ -300,6 +317,7 @@ const
char *HashGetName (int hash_algo_id);
#ifndef TC_WINDOWS_BOOT
+Hash *HashGet (int id);
void HashGetName2 (char *buf, int hashId);
BOOL HashIsDeprecated (int hashId);
BOOL HashForSystemEncryption (int hashId);
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index bb84d377..1dbbbd29 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -6168,6 +6168,14 @@ static BOOL CALLBACK MountWaitDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
{
MountThreadParam* thParam = (MountThreadParam*) lParam;
HANDLE hThread = NULL;
+
+ // set the progress bar type to MARQUEE (indefinite progress)
+ HWND hProgress = GetDlgItem (hwndDlg, IDC_WAIT_PROGRESS_BAR);
+ if (hProgress)
+ {
+ SetWindowLongPtr (hProgress, GWL_STYLE, PBS_MARQUEE | GetWindowLongPtr (hProgress, GWL_STYLE));
+ ::SendMessage(hProgress, PBM_SETMARQUEE, (WPARAM) TRUE, (LPARAM) 0);
+ }
thParam->hwnd = hwndDlg;
@@ -6225,6 +6233,7 @@ int MountVolume (HWND hwndDlg,
int driveNo,
char *volumePath,
Password *password,
+ int pkcs5,
BOOL cachePassword,
BOOL sharedAccess,
const MountOptions* const mountOptions,
@@ -6285,6 +6294,7 @@ retry:
{
mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword;
mount.bProtectHiddenVolume = TRUE;
+ mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf;
}
else
mount.bProtectHiddenVolume = FALSE;
@@ -6294,6 +6304,7 @@ retry:
mount.bPreserveTimestamp = mountOptions->PreserveTimestamp;
mount.bMountManager = TRUE;
+ mount.pkcs5_prf = pkcs5;
// Windows 2000 mount manager causes problems with remounted volumes
if (CurrentOSMajor == 5 && CurrentOSMinor == 0)
@@ -6364,6 +6375,8 @@ retry:
burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
+ burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
+ burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
if (bResult == FALSE)
{
@@ -8881,7 +8894,7 @@ void ReportUnexpectedState (char *techInfo)
#ifndef SETUP
-int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
+int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{
int status = ERR_PARAMETER_INCORRECT;
int volumeType;
@@ -9043,7 +9056,7 @@ int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *pa
}
// Decrypt volume header
- status = ReadVolumeHeader (FALSE, buffer, password, &context->CryptoInfo, NULL);
+ status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 7faf6bc0..3781fd54 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -325,7 +325,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (char *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
-int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
+int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, int pkcs5, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL IsPasswordCacheEmpty (void);
BOOL IsMountedVolume (const char *volname);
@@ -447,7 +447,7 @@ void ToBootPwdField (HWND hwndDlg, UINT ctrlId);
void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL DoDriverInstall (HWND hwndDlg);
-int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
+int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);
diff --git a/src/Common/Format.c b/src/Common/Format.c
index ad6be026..c7198f60 100644
--- a/src/Common/Format.c
+++ b/src/Common/Format.c
@@ -623,7 +623,7 @@ error:
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
+ if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
diff --git a/src/Common/Language.xml b/src/Common/Language.xml
index 4ccf9c40..70e4b65f 100644
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@@ -270,6 +270,7 @@
<control lang="en" key="IDT_PARALLELIZATION_OPTIONS">Thread-Based Parallelization</control>
<control lang="en" key="IDT_PKCS11_LIB_PATH">PKCS #11 Library Path</control>
<control lang="en" key="IDT_PKCS5_PRF">PKCS-5 PRF:</control>
+ <control lang="en" key="IDT_NEW_PKCS5_PRF">PKCS-5 PRF:</control>
<control lang="en" key="IDT_PW_CACHE_OPTIONS">Password Cache</control>
<control lang="en" key="IDT_SECURITY_OPTIONS">Security Options</control>
<control lang="en" key="IDT_TASKBAR_ICON">VeraCrypt Background Task</control>
@@ -345,6 +346,7 @@
<control lang="en" key="IDT_SECURITY_TOKEN">Security token:</control>
<control lang="en" key="IDT_SORT_METHOD">Sort Method:</control>
<control lang="en" key="IDT_STATIC_MODELESS_WAIT_DLG_INFO">Please wait. This process may take a long time...</control>
+ <control lang="en" key="IDT_STATIC_MODAL_WAIT_DLG_INFO">Please wait...\nThis process may take a long time and VeraCrypt may become unresponsive.</control>
<control lang="en" key="IDT_TEST_BLOCK_NUMBER">Block number:</control>
<control lang="en" key="IDT_TEST_CIPHERTEXT">Ciphertext (hexadecimal)</control>
<control lang="en" key="IDT_TEST_DATA_UNIT_NUMBER">Data unit number (64-bit hexadecimal, data unit size is 512 bytes)</control>
@@ -756,6 +758,7 @@
<string lang="en" key="REMOVABLE_DISK">Removable Disk</string>
<string lang="en" key="HARDDISK">Harddisk</string>
<string lang="en" key="UNCHANGED">Unchanged</string>
+ <string lang="en" key="AUTODETECTION">Autodetection</string>
<string lang="en" key="SETUP_MODE_TITLE">Wizard Mode</string>
<string lang="en" key="SETUP_MODE_INFO">Select one of the modes. If you are not sure which to select, use the default mode.</string>
<string lang="en" key="SETUP_MODE_HELP_INSTALL">Select this option if you want to install VeraCrypt on this system.</string>
diff --git a/src/Common/Password.c b/src/Common/Password.c
index 2c065b68..921ce02e 100644
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
return TRUE;
}
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
+int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -287,7 +287,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
/* Try to decrypt the header */
- nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, &cryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
diff --git a/src/Common/Password.h b/src/Common/Password.h
index 887c6160..66903b53 100644
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@@ -35,7 +35,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
-int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
+int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
diff --git a/src/Common/Resource.h b/src/Common/Resource.h
index eb2c5890..4b8c2df5 100644
--- a/src/Common/Resource.h
+++ b/src/Common/Resource.h
@@ -184,6 +184,10 @@
#define IDC_KEYFILES_RANDOM_SIZE 5122
#define IDT_KEYFILES_SIZE 5123
#define IDD_STATIC_MODAL_WAIT_DLG 5124
+#define IDT_STATIC_MODAL_WAIT_DLG_INFO 5125
+#define IDC_WAIT_PROGRESS_BAR 5126
+#define IDC_PKCS5_PRF_ID 5127
+#define IDT_PKCS5_PRF 5128
// Next default values for new objects
//
@@ -192,7 +196,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 542
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 5125
+#define _APS_NEXT_CONTROL_VALUE 5129
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 2bd870bc..c88e81d8 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -163,7 +163,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
-int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo;
@@ -198,7 +198,8 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
return ERR_OUTOFMEMORY;
}
- if (encryptionThreadCount > 1)
+ /* use thread pool only if no PRF was specified */
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
keyDerivationWorkItems = TCalloc (sizeof (KeyDerivationWorkItem) * pkcs5PrfCount);
if (!keyDerivationWorkItems)
@@ -241,7 +242,11 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCR
// Test all available PKCS5 PRFs
for (enqPkcs5Prf = FIRST_PRF_ID; enqPkcs5Prf <= LAST_PRF_ID || queuedWorkItems > 0; ++enqPkcs5Prf)
{
- if (encryptionThreadCount > 1)
+ // if a PRF is specified, we skip all other PRFs
+ if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
+ continue;
+
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
// Enqueue key derivation on thread pool
if (queuedWorkItems < encryptionThreadCount && enqPkcs5Prf <= LAST_PRF_ID)
@@ -529,7 +534,7 @@ ret:
VirtualUnlock (&dk, sizeof (dk));
#endif
- if (encryptionThreadCount > 1)
+ if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
TC_WAIT_EVENT (noOutstandingWorkItemEvent);
diff --git a/src/Common/Volumes.h b/src/Common/Volumes.h
index 8f1da28d..18a52692 100644
--- a/src/Common/Volumes.h
+++ b/src/Common/Volumes.h
@@ -126,7 +126,11 @@ extern BOOL ReadVolumeHeaderRecoveryMode;
uint16 GetHeaderField16 (byte *header, int offset);
uint32 GetHeaderField32 (byte *header, int offset);
UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
+#ifdef TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+#else
+int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
+#endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)
int CreateVolumeHeaderInMemory (BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index b195ef5e..87370802 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -219,6 +219,8 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
NTSTATUS status;
LARGE_INTEGER offset;
char *header;
+ int pkcs5_prf = 0;
+ byte *mappedCryptoInfo = NULL;
Dump ("MountDrive pdo=%p\n", Extension->Pdo);
ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);
@@ -269,7 +271,30 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
goto ret;
}
- if (ReadVolumeHeader (!hiddenVolume, header, password, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
+ if (BootArgs.CryptoInfoLength > 0)
+ {
+ PHYSICAL_ADDRESS cryptoInfoAddress;
+
+ cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
+ mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
+ if (mappedCryptoInfo)
+ {
+ /* Get the parameters used for booting to speed up driver startup and avoid testing irrelevant PRFs */
+ BOOT_CRYPTO_HEADER* pBootCryptoInfo = (BOOT_CRYPTO_HEADER*) mappedCryptoInfo;
+ Hash* pHash = HashGet(pBootCryptoInfo->pkcs5);
+ if (pHash && pHash->SystemEncryption)
+ pkcs5_prf = pBootCryptoInfo->pkcs5;
+ else
+ {
+ status = STATUS_UNSUCCESSFUL;
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ goto ret;
+ }
+ }
+ }
+
+ if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
{
// Header decrypted
status = STATUS_SUCCESS;
@@ -316,20 +341,15 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
Dump ("Loaded: EncryptedAreaStart=%I64d (%I64d) EncryptedAreaEnd=%I64d (%I64d)\n", Extension->Queue.EncryptedAreaStart / 1024 / 1024, Extension->Queue.EncryptedAreaStart, Extension->Queue.EncryptedAreaEnd / 1024 / 1024, Extension->Queue.EncryptedAreaEnd);
// Erase boot loader scheduled keys
- if (BootArgs.CryptoInfoLength > 0)
+ if (mappedCryptoInfo)
{
- PHYSICAL_ADDRESS cryptoInfoAddress;
- byte *mappedCryptoInfo;
-
+#ifdef DEBUG
+ PHYSICAL_ADDRESS cryptoInfoAddress;
cryptoInfoAddress.QuadPart = (BootLoaderSegment << 4) + BootArgs.CryptoInfoOffset;
- mappedCryptoInfo = MmMapIoSpace (cryptoInfoAddress, BootArgs.CryptoInfoLength, MmCached);
-
- if (mappedCryptoInfo)
- {
- Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
- burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
- MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
- }
+ Dump ("Wiping memory %x %d\n", cryptoInfoAddress.LowPart, BootArgs.CryptoInfoLength);
+#endif
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
}
BootDriveFilterExtension = Extension;
@@ -755,7 +775,10 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
return;
if (!BootDriveFound || !BootDriveFilterExtension || !BootDriveFilterExtension->DriveMounted || !BootDriveFilterExtension->HeaderCryptoInfo
- || request->VolumePassword.Length > MAX_PASSWORD)
+ || request->VolumePassword.Length > MAX_PASSWORD
+ || request->pkcs5_prf < 0
+ || request->pkcs5_prf > LAST_PRF_ID
+ )
{
irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
goto wipe;
@@ -780,7 +803,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
goto ret;
}
- if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
+ if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index e7a55b02..4476adb2 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -1364,7 +1364,9 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
{
MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer;
- if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD)
+ if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD
+ || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
+ || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID )
{
Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
Irp->IoStatus.Information = 0;
@@ -1378,6 +1380,8 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
burn (&mount->VolumePassword, sizeof (mount->VolumePassword));
burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));
+ burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));
+ burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));
}
break;
diff --git a/src/Driver/Ntvol.c b/src/Driver/Ntvol.c
index 29ccd543..a8bcc14a 100644
--- a/src/Driver/Ntvol.c
+++ b/src/Driver/Ntvol.c
@@ -462,6 +462,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->bCache,
readBuffer,
&mount->ProtectedHidVolPassword,
+ mount->ProtectedHidVolPkcs5Prf,
&tmpCryptoInfo);
}
else
@@ -471,6 +472,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
mount->bCache,
readBuffer,
&mount->VolumePassword,
+ mount->pkcs5_prf,
&Extension->cryptoInfo);
}
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c
index 5c8cb3b4..8c07fd8e 100644
--- a/src/Format/InPlace.c
+++ b/src/Format/InPlace.c
@@ -548,7 +548,7 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol
/* Now we will try to decrypt the backup header to verify it has been correctly written. */
- nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, &cryptoInfo2, NULL, deviceSize);
+ nStatus = OpenBackupHeader (dev, volParams->volumePath, volParams->password, volParams->pkcs5,&cryptoInfo2, NULL, deviceSize);
if (nStatus != ERR_SUCCESS
|| cryptoInfo->EncryptedAreaStart.Value != cryptoInfo2->EncryptedAreaStart.Value
@@ -663,6 +663,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
DWORD n;
char *devicePath = volParams->volumePath;
Password *password = volParams->password;
+ int pkcs5_prf = volParams->pkcs5;
DISK_GEOMETRY driveGeometry;
@@ -755,7 +756,7 @@ int EncryptPartitionInPlaceResume (HANDLE dev,
sectorSize = driveGeometry.BytesPerSector;
- nStatus = OpenBackupHeader (dev, devicePath, password, &masterCryptoInfo, headerCryptoInfo, deviceSize);
+ nStatus = OpenBackupHeader (dev, devicePath, password, pkcs5_prf, &masterCryptoInfo, headerCryptoInfo, deviceSize);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
@@ -1504,7 +1505,7 @@ closing_seq:
}
-static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize)
+static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, int pkcs5, PCRYPTO_INFO *retMasterCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize)
{
LARGE_INTEGER offset;
DWORD n;
@@ -1530,7 +1531,7 @@ static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *passw
}
- nStatus = ReadVolumeHeader (FALSE, header, password, retMasterCryptoInfo, headerCryptoInfo);
+ nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, retMasterCryptoInfo, headerCryptoInfo);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
diff --git a/src/Format/InPlace.h b/src/Format/InPlace.h
index 82bae5b4..979af189 100644
--- a/src/Format/InPlace.h
+++ b/src/Format/InPlace.h
@@ -37,7 +37,7 @@ static int ConcealNTFS (HANDLE dev);
BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId wipeAlgorithm);
static void ExportProgressStats (__int64 bytesDone, __int64 totalSize);
int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount);
-static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize);
+static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *password, int pkcs5, PCRYPTO_INFO *retCryptoInfo, CRYPTO_INFO *headerCryptoInfo, __int64 deviceSize);
BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold);
#ifdef __cplusplus
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index a3c596dd..5eabbf0f 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -31,6 +31,7 @@
#include "Common/Dictionary.h"
#include "Common/Endian.h"
#include "Common/resource.h"
+#include "Common/Pkcs5.h"
#include "Platform/Finally.h"
#include "Platform/ForEach.h"
#include "Random.h"
@@ -223,6 +224,8 @@ Password volumePassword; /* User password */
char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */
char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */
+int volumePkcs5Prf = 0;
+
BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */
BOOL ComServerMode = FALSE;
@@ -2414,7 +2417,7 @@ static void __cdecl volTransformThreadFunction (void *hwndDlgArg)
if (bHiddenVolHost && !bVolTransformThreadCancel && nStatus == 0)
{
/* Auto mount the newly created hidden volume host */
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, FALSE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, FALSE))
{
case ERR_NO_FREE_DRIVES:
MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);
@@ -3861,24 +3864,42 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case HIDDEN_VOL_HOST_PASSWORD_PAGE:
case NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE:
+ {
+ /* Populate the PRF algorithms list */
+ int nIndex, i;
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
- SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0);
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
- SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), szRawPassword);
+ /* make autodetection the default */
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
- SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT));
+ SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), EM_LIMITTEXT, MAX_PASSWORD, 0);
- SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);
+ SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), szRawPassword);
- SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP"));
+ SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT));
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE"));
+ SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
- SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+ SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP"));
- EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys);
- EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bInPlaceEncNonSys ? "PASSWORD" : "PASSWORD_HIDVOL_HOST_TITLE"));
+
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
+ SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+
+ EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys);
+ EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+ }
break;
@@ -6732,6 +6753,8 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD_DIRECT), (char *) volumePassword.Text, sizeof (volumePassword.Text));
volumePassword.Length = strlen ((char *) volumePassword.Text);
+ hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
+
// Store the password in case we need to restore it after keyfile is applied to it
GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD_DIRECT), szRawPassword, sizeof (szRawPassword));
@@ -6769,7 +6792,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Mount the hidden volume host as read-only (to ensure consistent and secure
// results of the volume bitmap scanning)
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, TRUE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, TRUE))
{
case ERR_NO_FREE_DRIVES:
NormalCursor ();
@@ -6878,7 +6901,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
OpenVolumeContext volume;
- if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, FALSE, FALSE, TRUE) == ERR_SUCCESS)
+ if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, volumePkcs5Prf, FALSE, FALSE, TRUE) == ERR_SUCCESS)
{
if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0
&& volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value)
@@ -7446,7 +7469,7 @@ retryCDDriveCheck:
{
// Remount the hidden volume host as read-only (to ensure consistent and secure
// results of the volume bitmap scanning)
- switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, TRUE))
+ switch (MountHiddenVolHost (hwndDlg, szDiskFile, &hiddenVolHostDriveNo, &volumePassword, hash_algo, TRUE))
{
case ERR_NO_FREE_DRIVES:
MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);
@@ -8232,7 +8255,7 @@ efsf_error:
// Mounts a volume within which the user intends to create a hidden volume
-int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *password, BOOL bReadOnly)
+int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *password, int pkcs5_prf, BOOL bReadOnly)
{
MountOptions mountOptions;
ZeroMemory (&mountOptions, sizeof (mountOptions));
@@ -8252,7 +8275,7 @@ int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
- if (MountVolume (hwndDlg, *driveNo, volumePath, password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
+ if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
*driveNo = -3;
return ERR_VOL_MOUNT_FAILED;
diff --git a/src/Format/Tcformat.h b/src/Format/Tcformat.h
index 14512607..e8b790cf 100644
--- a/src/Format/Tcformat.h
+++ b/src/Format/Tcformat.h
@@ -67,7 +67,7 @@ static void NonSysInplaceEncPause (void);
static void NonSysInplaceEncResume (void);
void ShowNonSysInPlaceEncUIStatus (void);
void UpdateNonSysInPlaceEncControls (void);
-int MountHiddenVolHost ( HWND hwndDlg, char *volumePath, int *driveNo, Password *password, BOOL bReadOnly );
+int MountHiddenVolHost ( HWND hwndDlg, char *volumePath, int *driveNo, Password *password, int pkcs5_prf, BOOL bReadOnly );
int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters);
int ScanVolClusterBitmap ( HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters);
static void WipeStart (void);
diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp
index 829cd21f..a75b1e52 100644
--- a/src/Mount/MainCom.cpp
+++ b/src/Mount/MainCom.cpp
@@ -106,7 +106,7 @@ public:
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
- return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
@@ -151,6 +151,17 @@ public:
return BaseCom::WriteLocalMachineRegistryDwordValue (keyPath, valueName, value);
}
+ virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)
+ {
+ USES_CONVERSION;
+ CW2A volumePathA(volumePath);
+ MainDlg = (HWND) hWnd;
+ if (volumePathA.m_psz)
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
+ else
+ return ERR_OUTOFMEMORY;
+ }
+
protected:
DWORD MessageThreadId;
LONG RefCount;
@@ -261,7 +272,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
}
-extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
+extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
CComPtr<ITrueCryptMainCom> tc;
int r;
@@ -269,7 +280,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *
if (ComGetInstance (hwndDlg, &tc))
{
WaitCursor ();
- r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
+ r = tc->ChangePasswordEx (CComBSTR (lpszVolume), oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
NormalCursor ();
}
else
diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h
index a22eb345..7643c64f 100644
--- a/src/Mount/MainCom.h
+++ b/src/Mount/MainCom.h
@@ -23,7 +23,7 @@ BOOL ComServerMain ();
void UacAnalyzeKernelMiniDump (HWND hwndDlg);
int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
-int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
+int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#ifdef __cplusplus
}
diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl
index 8550fe8f..3e347c95 100644
--- a/src/Mount/MainCom.idl
+++ b/src/Mount/MainCom.idl
@@ -12,7 +12,7 @@ import "..\Common\Password.h";
[
uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A),
helpstring("VeraCrypt Main UAC Support Library"),
- version(2.4) // Update ComSetup.cpp when changing version number
+ version(2.5) // Update ComSetup.cpp when changing version number
]
library TrueCryptMainCom
{
@@ -37,6 +37,7 @@ library TrueCryptMainCom
int RestoreVolumeHeader (LONG_PTR hwndDlg, BSTR lpszVolume);
DWORD SetDriverServiceStartType (DWORD startType);
DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);
+ int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
};
[
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 0f58c66e..db0e6a91 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -122,6 +122,8 @@ int nSelectedDriveIndex = -1; /* Item number of selected drive */
int cmdUnmountDrive = 0; /* Volume drive letter to unmount (-1 = all) */
Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */
+int VolumePkcs5 = 0;
+int CmdVolumePkcs5 = 0;
BOOL CmdVolumePasswordValid = FALSE;
MountOptions CmdMountOptions;
BOOL CmdMountOptionsValid = FALSE;
@@ -213,6 +215,8 @@ static void localcleanup (void)
clear them for extra security. */
burn (&VolumePassword, sizeof (VolumePassword));
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));
burn (&mountOptions, sizeof (mountOptions));
burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName));
@@ -493,6 +497,7 @@ void LoadSettings (HWND hwndDlg)
defaultMountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE);
defaultMountOptions.ReadOnly = ConfigReadInt ("MountVolumesReadOnly", FALSE);
defaultMountOptions.ProtectHiddenVolume = FALSE;
+ defaultMountOptions.ProtectedHidVolPkcs5Prf = 0;
defaultMountOptions.PartitionInInactiveSysEncScope = FALSE;
defaultMountOptions.RecoveryMode = FALSE;
defaultMountOptions.UseBackupHeader = FALSE;
@@ -1448,7 +1453,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
case WM_INITDIALOG:
{
LPARAM nIndex;
- HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID);
int i;
WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
@@ -1466,6 +1471,22 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), TRUE);
+ /* Add PRF algorithm list for current password */
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
+ /* Add PRF algorithm list for new password */
+ hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("UNCHANGED"));
@@ -1508,6 +1529,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
break;
case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL:
@@ -1558,6 +1581,12 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
ShowWindow(GetDlgItem(hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), SW_HIDE);
ShowWindow(GetDlgItem(hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI), SW_HIDE);
+ /* for system encryption, we can't change the PRF */
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PKCS5_PRF), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), FALSE);
+
if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)
{
Error ("CANNOT_SET_TIMER");
@@ -1815,6 +1844,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0),
0);
int nStatus;
+ int old_pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETITEMDATA,
+ SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0);
int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
@@ -1872,11 +1903,20 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
{
// System
- pkcs5 = 0; // PKCS-5 PRF unchanged (currently system encryption supports only RIPEMD-160)
+ try
+ {
+ VOLUME_PROPERTIES_STRUCT properties;
+ BootEncObj->GetVolumeProperties(&properties);
+ old_pkcs5 = properties.pkcs5;
+ }
+ catch(...)
+ {}
+
+ pkcs5 = 0; // PKCS-5 PRF unchanged (currently we can't change PRF of system encryption)
try
{
- nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
+ nStatus = BootEncObj->ChangePassword (&oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
}
catch (Exception &e)
{
@@ -1888,14 +1928,14 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
{
// Non-system
- nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
+ nStatus = ChangePwd (szFileName, &oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
if (nStatus == ERR_OS_ERROR
&& GetLastError () == ERROR_ACCESS_DENIED
&& IsUacSupported ()
&& IsVolumeDeviceHosted (szFileName))
{
- nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
+ nStatus = UacChangePwd (szFileName, &oldPassword, old_pkcs5, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
}
}
@@ -1943,13 +1983,16 @@ static char *PasswordDialogTitleStringId;
BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
{
WORD lw = LOWORD (wParam);
- static Password *szXPwd;
+ static Password *szXPwd;
+ static int *pkcs5;
switch (msg)
{
case WM_INITDIALOG:
{
- szXPwd = (Password *) lParam;
+ int i, nIndex;
+ szXPwd = ((PasswordDlgParam *) lParam) -> password;
+ pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE);
@@ -1977,6 +2020,22 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SetWindowTextW (hwndDlg, s);
}
+ /* Populate the PRF algorithms list */
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ /* make autodetection the default */
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);
@@ -2155,6 +2214,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
szXPwd->Length = strlen ((char *) szXPwd->Text);
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
+ *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
}
// Attempt to wipe password stored in the input field buffer
@@ -2502,6 +2562,21 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_SYSENC_PART_WITHOUT_PBA), !bPrebootPasswordDlgMode);
+ /* Add PRF algorithm list for hidden volume password */
+ HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
+ SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
+
+ int i, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
+
+ for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
+ {
+ nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
+ SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
+ }
+
+ SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
+
protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL));
EnableWindow (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL), !IsButtonChecked (GetDlgItem (hwndDlg, IDC_MOUNT_READONLY)));
@@ -2511,6 +2586,8 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDT_HIDDEN_PROT_PASSWD), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect);
SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT, hidVolProtKeyFilesParam.EnableKeyFiles);
@@ -2609,6 +2686,9 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
sizeof (mountOptions->ProtectedHidVolPassword.Text));
mountOptions->ProtectedHidVolPassword.Length = strlen ((char *) mountOptions->ProtectedHidVolPassword.Text);
+
+ mountOptions->ProtectedHidVolPkcs5Prf = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
+ SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
}
// Cleanup
@@ -2645,6 +2725,8 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_MO), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_HIDVOL_PROT), protect);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE_HIDVOL_PROT), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), protect);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), protect);
return 1;
}
@@ -3396,21 +3478,27 @@ LPARAM GetItemLong (HWND hTree, int itemNo)
return item.lParam;
}
-static int AskVolumePassword (HWND hwndDlg, Password *password, char *titleStringId, BOOL enableMountOptions)
+static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, char *titleStringId, BOOL enableMountOptions)
{
int result;
+ PasswordDlgParam dlgParam;
PasswordDialogTitleStringId = titleStringId;
PasswordDialogDisableMountOptions = !enableMountOptions;
+ dlgParam.password = password;
+ dlgParam.pkcs5 = pkcs5;
+
result = DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,
- (DLGPROC) PasswordDlgProc, (LPARAM) password);
+ (DLGPROC) PasswordDlgProc, (LPARAM) &dlgParam);
if (result != IDOK)
{
password->Length = 0;
+ *pkcs5 = 0;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
return result == IDOK;
@@ -3430,7 +3518,10 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
nDosDriveNo = HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - 'A';
if (!MultipleMountOperationInProgress)
+ {
VolumePassword.Length = 0;
+ VolumePkcs5 = 0;
+ }
if (szFileName == NULL)
{
@@ -3465,7 +3556,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
// First try cached passwords and if they fail ask user for a new one
WaitCursor ();
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile)
@@ -3474,14 +3565,16 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
emptyPassword.Length = 0;
KeyFilesApply (&emptyPassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ if (mounted)
+ VolumePkcs5 = CmdVolumePkcs5;
burn (&emptyPassword, sizeof (emptyPassword));
}
// Test password and/or keyfiles used for the previous volume
if (!mounted && MultipleMountOperationInProgress && VolumePassword.Length != 0)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
NormalCursor ();
@@ -3494,17 +3587,24 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
}
while (mounted == 0)
- {
+ {
if (CmdVolumePassword.Length > 0)
{
VolumePassword = CmdVolumePassword;
+ VolumePkcs5 = CmdVolumePkcs5;
}
else if (!Silent)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
goto ret;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
}
WaitCursor ();
@@ -3512,7 +3612,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
if (KeyFilesEnable)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor ();
// Check for legacy non-ASCII passwords
@@ -3524,9 +3624,13 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
Warning ("EXE_FILE_EXTENSION_MOUNT_WARNING");
if (!MultipleMountOperationInProgress)
+ {
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
if (CmdVolumePassword.Length > 0 || Silent)
break;
@@ -3554,9 +3658,13 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
ret:
if (!MultipleMountOperationInProgress)
+ {
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
RestoreDefaultKeyFilesParam ();
@@ -3749,14 +3857,21 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
{
if (!CmdVolumePasswordValid && bPasswordPrompt)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
PasswordDlgVolume[0] = '\0';
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
goto ret;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
}
else if (CmdVolumePasswordValid)
{
bPasswordPrompt = FALSE;
VolumePassword = CmdVolumePassword;
+ VolumePkcs5 = CmdVolumePkcs5;
}
WaitCursor();
@@ -3810,8 +3925,8 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
goto ret;
// First try user password then cached passwords
- if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
- || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
+ if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
+ || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
{
// A volume has been successfully mounted
@@ -3889,7 +4004,9 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
if (!bHeaderBakRetry)
{
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
} while (bPasswordPrompt && mountedVolCount < 1);
@@ -3923,7 +4040,9 @@ ret:
MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader;
@@ -4786,7 +4905,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BOOL mounted;
// Cached password
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// Command line password or keyfiles
if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))
@@ -4797,7 +4916,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (&CmdVolumePassword, FirstCmdKeyFile);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A',
- szFileName, &CmdVolumePassword, bCacheInDriver, bForceMount,
+ szFileName, &CmdVolumePassword, CmdVolumePkcs5, bCacheInDriver, bForceMount,
&mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@@ -4812,21 +4931,29 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Ask user for password
while (!mounted && !Silent)
{
+ int GuiPkcs5 = CmdVolumePkcs5;
VolumePassword.Length = 0;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE))
break;
+ else
+ {
+ VolumePkcs5 = GuiPkcs5;
+ burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ }
WaitCursor ();
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
+ burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
NormalCursor ();
}
@@ -6654,7 +6781,8 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
OptionSilent,
OptionTokenLib,
OptionVolume,
- CommandWipeCache
+ CommandWipeCache,
+ OptionPkcs5,
};
argument args[]=
@@ -6675,7 +6803,8 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
{ OptionSilent, "/silent", "/s", FALSE },
{ OptionTokenLib, "/tokenlib", NULL, FALSE },
{ OptionVolume, "/volume", "/v", FALSE },
- { CommandWipeCache, "/wipecache", "/w", FALSE }
+ { CommandWipeCache, "/wipecache", "/w", FALSE },
+ { OptionPkcs5, "/prf", NULL , FALSE }
};
argumentspec as;
@@ -6874,6 +7003,32 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
exit(0);
break;
+ case OptionPkcs5:
+ {
+ char szTmp[32];
+ if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs,
+ nArgPos, &i, nNoCommandLineArgs, szTmp, sizeof (szTmp)))
+ {
+ if (stricmp(szTmp, "sha512") == 0)
+ CmdVolumePkcs5 = SHA512;
+ else if (stricmp(szTmp, "whirlpool") == 0)
+ CmdVolumePkcs5 = WHIRLPOOL;
+ else if (stricmp(szTmp, "sha256") == 0)
+ CmdVolumePkcs5 = SHA256;
+ else if (stricmp(szTmp, "ripemd160") == 0)
+ CmdVolumePkcs5 = RIPEMD160;
+ else
+ {
+ CmdVolumePkcs5 = 0;
+ Error ("COMMAND_LINE_ERROR");
+ }
+
+ }
+ else
+ Error ("COMMAND_LINE_ERROR");
+ }
+ break;
+
// no option = file name
default:
{
@@ -7332,6 +7487,7 @@ skipMount:
MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
if (status && CloseSecurityTokenSessionsAfterMount)
SecurityToken::CloseAllSessions();
@@ -7558,7 +7714,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, askPassword, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -7569,7 +7725,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (askPassword, FirstKeyFile);
- nStatus = OpenVolume (askVol, lpszVolume, askPassword, FALSE, bPreserveTimestamp, FALSE);
+ nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, FALSE, bPreserveTimestamp, FALSE);
NormalCursor();
@@ -7722,6 +7878,7 @@ error:
handleError (hwndDlg, nStatus);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&hiddenVolPassword, sizeof (hiddenVolPassword));
burn (temporaryKey, sizeof (temporaryKey));
burn (originalK2, sizeof (originalK2));
@@ -7823,7 +7980,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
while (TRUE)
{
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, NULL, FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, NULL, FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -7834,7 +7991,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (&VolumePassword, FirstKeyFile);
- nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, TRUE, bPreserveTimestamp, TRUE);
+ nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, TRUE, bPreserveTimestamp, TRUE);
NormalCursor();
@@ -8025,7 +8182,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
// Open the header
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, &VolumePassword, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -8041,7 +8198,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (type == TC_VOLUME_TYPE_HIDDEN)
headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);
- nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, &restoredCryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, &restoredCryptoInfo, NULL);
if (nStatus == ERR_SUCCESS)
break;
}
@@ -8145,6 +8302,7 @@ error:
handleError (hwndDlg, nStatus);
burn (&VolumePassword, sizeof (VolumePassword));
+ burn (&VolumePkcs5, sizeof (VolumePkcs5));
RestoreDefaultKeyFilesParam();
RandStop (FALSE);
NormalCursor();
diff --git a/src/Mount/Mount.h b/src/Mount/Mount.h
index f0f5885f..e982de81 100644
--- a/src/Mount/Mount.h
+++ b/src/Mount/Mount.h
@@ -48,6 +48,11 @@ typedef struct
BOOL bHidVolDamagePrevReported[26];
} VOLUME_NOTIFICATIONS_LIST;
+typedef struct
+{
+ Password *password;
+ int* pkcs5;
+} PasswordDlgParam;
extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 56597cd2..8851646e 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -103,32 +103,34 @@ BEGIN
CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154
END
-IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 183
+IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 207
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Change Password or Keyfiles"
CLASS "CustomDlg"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_OLD_PASSWORD,89,14,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,34,86,10
- PUSHBUTTON "Keyfiles...",IDC_KEYFILES,177,32,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,46,138,10,WS_EX_TRANSPARENT
- EDITTEXT IDC_PASSWORD,89,74,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- EDITTEXT IDC_VERIFY,89,90,147,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,109,86,11
- PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,177,107,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,121,139,11,WS_EX_TRANSPARENT
- COMBOBOX IDC_PKCS5_PRF_ID,89,136,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,86,10
+ PUSHBUTTON "Keyfiles...",IDC_KEYFILES,177,51,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT
+ EDITTEXT IDC_PASSWORD,89,99,147,13,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_VERIFY,89,115,147,13,ES_PASSWORD | ES_AUTOHSCROLL
+ CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,86,11
+ PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,177,132,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,139,11,WS_EX_TRANSPARENT
+ COMBOBOX IDC_PKCS5_PRF_ID,89,161,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
DEFPUSHBUTTON "OK",IDOK,251,7,59,14
PUSHBUTTON "Cancel",IDCANCEL,251,24,59,14
RTEXT "Password:",IDT_PASSWORD,12,16,72,8
- RTEXT "Password:",IDT_NEW_PASSWORD,8,77,76,8
- RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,93,75,16
- RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,9,137,74,10,SS_CENTERIMAGE
- GROUPBOX "Current",IDT_CURRENT,6,3,238,58
- GROUPBOX "New",IDT_NEW,6,63,238,113
- COMBOBOX IDC_WIPE_MODE,89,155,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
- RTEXT "Wipe mode:",IDT_WIPE_MODE,9,157,74,8,0,WS_EX_RIGHT
+ RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8
+ RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16
+ RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE
+ GROUPBOX "Current",IDT_CURRENT,6,3,238,77
+ GROUPBOX "New",IDT_NEW,6,87,238,113
+ COMBOBOX IDC_WIPE_MODE,89,180,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT
+ COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE
END
IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@@ -161,21 +163,23 @@ BEGIN
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119
END
-IDD_PASSWORD_DLG DIALOGEX 0, 0, 280, 68
+IDD_PASSWORD_DLG DIALOGEX 0, 0, 305, 91
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION
CAPTION "Enter VeraCrypt Volume Password"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
- EDITTEXT IDC_PASSWORD,48,8,153,14,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_PASSWORD,69,8,153,14,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,27,153,10
- CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,40,83,10
- CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,52,52,83,11
- PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,137,49,64,14
- PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,208,49,64,14
- DEFPUSHBUTTON "OK",IDOK,208,8,64,14
- PUSHBUTTON "Cancel",IDCANCEL,208,25,64,14
- RTEXT "Password:",IDT_PASSWORD,0,10,46,19
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10
+ CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10
+ CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11
+ PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,158,72,64,14
+ PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,229,72,64,14
+ DEFPUSHBUTTON "OK",IDOK,229,8,64,14
+ PUSHBUTTON "Cancel",IDCANCEL,229,25,64,14
+ RTEXT "Password:",IDT_PASSWORD,0,10,65,13
+ COMBOBOX IDC_PKCS5_PRF_ID,69,26,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13
END
IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269
@@ -355,7 +359,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 309
TOPMARGIN, 7
- BOTTOMMARGIN, 176
+ BOTTOMMARGIN, 200
END
IDD_MOUNT_DLG, DIALOG
@@ -366,7 +370,8 @@ BEGIN
IDD_PASSWORD_DLG, DIALOG
BEGIN
- BOTTOMMARGIN, 63
+ RIGHTMARGIN, 296
+ BOTTOMMARGIN, 86
END
IDD_TRAVELER_DLG, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index 3ba75242..bf64cee2 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -35,7 +35,6 @@
#define IDC_ENABLE_NEW_KEYFILES 1012
#define IDC_PRESERVE_TIMESTAMPS 1013
#define IDC_PREF_WIPE_CACHE_ON_EXIT 1014
-#define IDC_PKCS5_PRF_ID 1015
#define IDC_PREF_CACHE_PASSWORDS 1016
#define IDC_DIRECTORY 1017
#define IDC_PREF_DISMOUNT_LOGOFF 1018
@@ -77,7 +76,6 @@
#define IDT_NEW 1054
#define IDT_NEW_PASSWORD 1055
#define IDT_CONFIRM_PASSWORD 1056
-#define IDT_PKCS5_PRF 1057
#define IDT_PW_CACHE_OPTIONS 1058
#define IDT_DEFAULT_MOUNT_OPTIONS 1059
#define IDT_WINDOWS_RELATED_SETTING 1060
@@ -160,6 +158,8 @@
#define IDC_FAVORITES_HELP_LINK 1135
#define IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX 1136
#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137
+#define IDT_NEW_PKCS5_PRF 1138
+#define IDC_PKCS5_OLD_PRF_ID 1139
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -231,7 +231,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 118
#define _APS_NEXT_COMMAND_VALUE 40064
-#define _APS_NEXT_CONTROL_VALUE 1138
+#define _APS_NEXT_CONTROL_VALUE 1140
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
diff --git a/src/Setup/ComSetup.cpp b/src/Setup/ComSetup.cpp
index 25d16a02..eadb838d 100644
--- a/src/Setup/ComSetup.cpp
+++ b/src/Setup/ComSetup.cpp
@@ -7,7 +7,7 @@
*/
#define TC_MAIN_COM_VERSION_MAJOR 2
-#define TC_MAIN_COM_VERSION_MINOR 4
+#define TC_MAIN_COM_VERSION_MINOR 5
#define TC_FORMAT_COM_VERSION_MAJOR 2
#define TC_FORMAT_COM_VERSION_MINOR 4